CVE-2020-27794 - OpenCVE

A double free issue was discovered in radare2 in cmd_info.c:cmd_info(). Successful exploitation could lead to modification of unexpected memory locations and potentially causing a crash.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Radare	Radare2

Configuration 1 [-]

cpe:2.3:a:radare:radare2:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://github.com/radareorg/radare2/commit/cb8b683758edddae2d2f62e8e63a738c39f92683
https://github.com/radareorg/radare2/issues/16303

History

No history.

MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2022-08-19T22:44:29

Updated: 2024-08-04T16:25:43.800Z

Reserved: 2020-10-27T00:00:00

Link: CVE-2020-27794

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2022-08-19T23:15:08.427

Modified: 2022-08-22T13:47:12.193

Link: CVE-2020-27794

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "radare2", "vendor": "n/a", "versions": [{"status": "affected", "version": "Fixed in v4.4.0."}]}], "descriptions": [{"lang": "en", "value": "A double free issue was discovered in radare2 in cmd_info.c:cmd_info(). Successful exploitation could lead to modification of unexpected memory locations and potentially causing a crash."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-415", "description": "CWE-415 - Double Free", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2022-08-19T22:44:29", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://github.com/radareorg/radare2/issues/16303"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/radareorg/radare2/commit/cb8b683758edddae2d2f62e8e63a738c39f92683"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert@redhat.com", "ID": "CVE-2020-27794", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "radare2", "version": {"version_data": [{"version_value": "Fixed in v4.4.0."}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A double free issue was discovered in radare2 in cmd_info.c:cmd_info(). Successful exploitation could lead to modification of unexpected memory locations and potentially causing a crash."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-415 - Double Free"}]}]}, "references": {"reference_data": [{"name": "https://github.com/radareorg/radare2/issues/16303", "refsource": "MISC", "url": "https://github.com/radareorg/radare2/issues/16303"}, {"name": "https://github.com/radareorg/radare2/commit/cb8b683758edddae2d2f62e8e63a738c39f92683", "refsource": "MISC", "url": "https://github.com/radareorg/radare2/commit/cb8b683758edddae2d2f62e8e63a738c39f92683"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T16:25:43.800Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/radareorg/radare2/issues/16303"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/radareorg/radare2/commit/cb8b683758edddae2d2f62e8e63a738c39f92683"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2020-27794", "datePublished": "2022-08-19T22:44:29", "dateReserved": "2020-10-27T00:00:00", "dateUpdated": "2024-08-04T16:25:43.800Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}