CVE-2022-0519— Buffer Access with Incorrect Length Value in radareorg/radare2
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2022-0519
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Buffer Access with Incorrect Length Value in radareorg/radare2
Source: NVD (National Vulnerability Database)
Vulnerability Description
Buffer Access with Incorrect Length Value in GitHub repository radareorg/radare2 prior to 5.6.2.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
使用不正确的长度值访问缓冲区
Source: NVD (National Vulnerability Database)
Vulnerability Title
Radareorg Radare2 缓冲区错误漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
radare2是一套用于处理二进制文件的库和工具。 Radareorg Radare2 中存在缓冲区错误漏洞,该漏洞源于产品未有效判断内存边界。攻击者可通过该漏洞导致缓冲区溢出。以下产品及版本受到影响:Radareorg Radare2 5.6.2 之前版本。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| radareorg | radareorg/radare2 | unspecified ~ 5.6.2 | - |
II. Public POCs for CVE-2022-0519
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2022-0519
请登录查看更多情报信息。
- https://huntr.dev/bounties/af85b9e1-d1cf-4c0e-ba12-525b82b7c1e3x_refsource_CONFIRM
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E6YBRQ3UCFWJVSOYIKPVUDASZ544TFND/vendor-advisoryx_refsource_FEDORA
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BZTIMAS53YT66FUS4QHQAFRJOBMUFG6D/vendor-advisoryx_refsource_FEDORA
- https://nvd.nist.gov/vuln/detail/CVE-2022-0519
Same Patch Batch · radareorg · 2022-02-08 · 7 CVEs total
| CVE-2022-0522 | Access of Memory Location Before Start of Buffer in radareorg/radare2 | |
| CVE-2022-0521 | Access of Memory Location After End of Buffer in radareorg/radare2 | |
| CVE-2022-0520 | Use After Free in radareorg/radare2 | |
| CVE-2022-0518 | Heap-based Buffer Overflow in radareorg/radare2 | |
| CVE-2022-0139 | Use After Free in radareorg/radare2 | |
| CVE-2022-0523 | Use After Free in radareorg/radare2 |
IV. Related Vulnerabilities
Same product: radareorg/radare2
- CVE-2023-5686
Heap-based Buffer Overflow in radareorg/radare2 - CVE-2023-4322
Heap-based Buffer Overflow in radareorg/radare2 - CVE-2023-1605
Denial of Service in radareorg/radare2 - CVE-2023-0302
Failure to Sanitize Special Elements into a Different Plane - CVE-2022-4843
NULL Pointer Dereference in radareorg/radare2
Same vendor: radareorg
- CVE-2026-6942
radare2-mcp <=1.6.0 OS Command Injection via Shell Metachara - CVE-2026-6941
radare2 < 6.1.4 Project Notes Path Traversal via Symlink - CVE-2026-6940
radare2 < 6.1.4 Project Deletion Path Traversal Directory De - CVE-2026-40517
radare2 < 6.1.4 Command Injection via PDB Parser Symbol Name - CVE-2026-40527
radare2 Command Injection via DWARF Parameter Names
Same weakness: CWE-805
- CVE-2026-34002
Xorg: xwayland: x.org x server: information disclosure or de - CVE-2026-6245
Sssd: out-of-bounds read in the sssd - CVE-2026-20033
Cisco NX-OS Software Denial of Service Vulnerability - CVE-2026-20010
Cisco Nexus 3000 and 9000 Series Switches Link Layer Discove - CVE-2026-1837
libjxl: Out-of-bounds write in grayscale color transformatio
V. Comments for CVE-2022-0519
No comments yet