CVE-2022-0521— Access of Memory Location After End of Buffer in radareorg/radare2
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2022-0521
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Access of Memory Location After End of Buffer in radareorg/radare2
Source: NVD (National Vulnerability Database)
Vulnerability Description
Access of Memory Location After End of Buffer in GitHub repository radareorg/radare2 prior to 5.6.2.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
在缓冲区结束位置之后访问内存
Source: NVD (National Vulnerability Database)
Vulnerability Title
Radareorg Radare2 缓冲区错误漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
radare2是一套用于处理二进制文件的库和工具。 Radareorg Radare2 中存在缓冲区错误漏洞,该漏洞源于产品未有效判断内存边界。攻击者可通过该漏洞导致缓冲区溢出。以下产品及版本受到影响:Radareorg Radare2 5.6.2 之前版本。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| radareorg | radareorg/radare2 | unspecified ~ 5.6.2 | - |
II. Public POCs for CVE-2022-0521
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2022-0521
请登录查看更多情报信息。
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E6YBRQ3UCFWJVSOYIKPVUDASZ544TFND/vendor-advisoryx_refsource_FEDORA
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BZTIMAS53YT66FUS4QHQAFRJOBMUFG6D/vendor-advisoryx_refsource_FEDORA
- https://nvd.nist.gov/vuln/detail/CVE-2022-0521
Same Patch Batch · radareorg · 2022-02-08 · 7 CVEs total
| CVE-2022-0522 | Access of Memory Location Before Start of Buffer in radareorg/radare2 | |
| CVE-2022-0520 | Use After Free in radareorg/radare2 | |
| CVE-2022-0519 | Buffer Access with Incorrect Length Value in radareorg/radare2 | |
| CVE-2022-0518 | Heap-based Buffer Overflow in radareorg/radare2 | |
| CVE-2022-0139 | Use After Free in radareorg/radare2 | |
| CVE-2022-0523 | Use After Free in radareorg/radare2 |
IV. Related Vulnerabilities
Same product: radareorg/radare2
- CVE-2023-5686
Heap-based Buffer Overflow in radareorg/radare2 - CVE-2023-4322
Heap-based Buffer Overflow in radareorg/radare2 - CVE-2023-1605
Denial of Service in radareorg/radare2 - CVE-2023-0302
Failure to Sanitize Special Elements into a Different Plane - CVE-2022-4843
NULL Pointer Dereference in radareorg/radare2
Same vendor: radareorg
- CVE-2026-6942
radare2-mcp <=1.6.0 OS Command Injection via Shell Metachara - CVE-2026-6941
radare2 < 6.1.4 Project Notes Path Traversal via Symlink - CVE-2026-6940
radare2 < 6.1.4 Project Deletion Path Traversal Directory De - CVE-2026-40517
radare2 < 6.1.4 Command Injection via PDB Parser Symbol Name - CVE-2026-40527
radare2 Command Injection via DWARF Parameter Names
Same weakness: CWE-788
- CVE-2023-20585
Microsoft Input-Output Memory Management Unit 安全漏洞 - CVE-2026-20052
Cisco Secure Firewall Threat Defense Software Snort 3 Memory - CVE-2026-21316
Audition | Access of Memory Location After End of Buffer (CW - CVE-2025-36581
Dell PowerEdge Platform 14G AMD BIOS 安全漏洞 - CVE-2025-43580
Audition | Access of Memory Location After End of Buffer (CW
V. Comments for CVE-2022-0521
No comments yet