Hi,

On Thu, Aug 08, 2019 at 09:22:44AM +0200, Salvatore Bonaccorso wrote:
> Source: radare2
> Version: 3.2.1+dfsg-5
> Severity: important
> Tags: security upstream
> Forwarded: https://github.com/radare/radare2/pull/14690
>
> Hi,
>
> The following vulnerability was published for radare2.
>
> CVE-2019-14745[0]:
> | In radare2 before 3.7.0, a command injection vulnerability exists in
> | bin_symbols() in libr/core/cbin.c. By using a crafted executable file,
> | it's possible to execute arbitrary shell commands with the permissions
> | of the victim. This vulnerability is due to improper handling of
> | symbol names embedded in executables.

FTR, not only the initial commit but two more are needed to address
this issue:

https://github.com/radareorg/radare2/commit/5411543a310a470b1257fb93273cdd6e8dfcb3af
and
https://github.com/radareorg/radare2/commit/dd739f5a45b3af3d1f65f00fe19af1dbfec7aea7

are needed as well (otherwise radare2 will be affected by
CVE-2019-16718).

Regards,
Salvatore

