CVE Vulnerabilities

CVE-2022-1382

NULL Pointer Dereference

Published: Apr 18, 2022 | Modified: Apr 26, 2022
CVSS 3.x
5.5
MEDIUM
Source:
NVD
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVSS 2.x
7.1 HIGH
AV:N/AC:M/Au:N/C:N/I:N/A:C
RedHat/V2
RedHat/V3
Ubuntu
MEDIUM

NULL Pointer Dereference in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability is capable of making the radare2 crash, thus affecting the availability of the system.

Weakness

A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit.

Affected Software

Name Vendor Start Version End Version
Radare2 Radare * 5.6.8 (excluding)
Radare2 Ubuntu esm-apps/focal *
Radare2 Ubuntu focal *
Radare2 Ubuntu lunar *
Radare2 Ubuntu mantic *
Radare2 Ubuntu trusty *
Radare2 Ubuntu xenial *

Potential Mitigations

References