漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
radareorg radare2 str.c r_str_word_get0set integer overflow
Vulnerability Description
A security flaw has been discovered in radareorg radare2 up to 6.1.6. This impacts the function r_str_word_get0set of the file libr/util/str.c. The manipulation results in integer overflow. The attack must be initiated from a local position. The exploit has been released to the public and may be used for attacks. The patch is identified as 11ac224c0eb8d57830fccc99e1c1cd8e5d958813. It is best practice to apply a patch to resolve this issue.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
Vulnerability Type
整数溢出或超界折返
Vulnerability Title
Radare2 数字错误漏洞
Vulnerability Description
Radare Radare2是Radare团队开源的一个面向 Unix 极客的 Libre 反向框架。 Radare2 6.1.6及之前版本存在数字错误漏洞,该漏洞源于文件libr/util/str.c中的函数r_str_word_get0set存在整数溢出,可能导致本地攻击者发起攻击。
CVSS Information
N/A
Vulnerability Type
N/A