CVE Vulnerabilities

CVE-2019-12865

Double Free

Published: Jun 17, 2019 | Modified: Nov 07, 2023
CVSS 3.x
5.5
MEDIUM
Source:
NVD
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVSS 2.x
4.3 MEDIUM
AV:N/AC:M/Au:N/C:N/I:N/A:P
RedHat/V2
RedHat/V3
Ubuntu

In radare2 through 3.5.1, cmd_mount in libr/core/cmd_mount.c has a double free for the ms command.

Weakness

The product calls free() twice on the same memory address, potentially leading to modification of unexpected memory locations.

Affected Software

Name Vendor Start Version End Version
Radare2 Radare * 3.5.1

Potential Mitigations

References