CVE-2022-1649: Fix null deref in macho parser ##crash · radareorg/radare2@a5aafb9

Null pointer dereference in libr/bin/format/mach0/mach0.c in GitHub repository radareorg/radare2 prior to 5.7.0. It is likely to be exploitable. For a more general description of heap buffer overflow, see CWE.

Fix null deref in macho parser ##crash

* Reported by Han0nly via huntrdev
* BountyID: c07e4918-cf86-4d2e-8969-5fb63575b449
* Reproducer: machonull

1 parent 4b22fc5 commit a5aafb99c3965259c84ddcf45a91144bf7eb4cf1

Showing with 3 additions and 0 deletions.

  1. +3 −0 libr/bin/format/mach0/mach0.c

@@ -4580,6 +4580,9 @@ void MACH0_(iterate_chained_fixups)(struct MACH0_(obj_t) *bin, ut64 limit_start,

if (page_idx >= bin->chained_starts[i]->page_count) {

break;

}

if (!bin->chained_starts[i]->page_start) {

break;

}

ut16 page_start = bin->chained_starts[i]->page_start[page_idx];

if (page_start == DYLD_CHAINED_PTR_START_NONE) {

continue;
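
Review bot: The NULL guard on `bin->chained_starts[i]->page_start` does not depend on `page_idx`, yet it sits in the per-page path, after `bin->chained_starts[i]->page_count` has already been read. Suggest testing it once before the page walk starts, and confirming that `bin->chained_starts[i]` itself is NULL-checked earlier in the function, since that is not visible in this hunk. A non-zero `page_count` next to a NULL `page_start` also implies the struct was left inconsistent when it was populated, so consider resetting `page_count` at that point as well, and adding the `machonull` reproducer named in the commit message as a regression test.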
