CVE-2022-1382

NULL Pointer Dereference in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability is capable of making the radare2 crash, thus affecting the availability of the system.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.5 MEDIUM
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
@huntrdevCNA
5.3 MEDIUM
LOCAL
LOW
NONE
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 46%
VendorProductVersion
radareradare2
𝑥
< 5.6.8
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
radare2
sid
5.9.4+dfsg-1
fixed
trixie
5.9.4+dfsg-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
radare2
noble
needs-triage
mantic
ignored
lunar
ignored
focal
needed
bionic
not-affected
xenial
needs-triage
trusty
ignored
Common Weakness Enumeration
References
https://github.com/radareorg/radare2/commit/48f0ea79f99174fb0a62cb2354e13496ce5b7c44
https://huntr.dev/bounties/d8b6d239-6d7b-4783-b26b-5be848c01aa1
https://github.com/radareorg/radare2/commit/48f0ea79f99174fb0a62cb2354e13496ce5b7c44
https://huntr.dev/bounties/d8b6d239-6d7b-4783-b26b-5be848c01aa1