Vulnerabilities > CVE-2022-1649 - NULL Pointer Dereference vulnerability in Radare Radare2

047910
CVSS 5.5 - MEDIUM
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH
local
low complexity
radare
CWE-476
NVD
Published: 2022-05-10
Updated: 2023-06-27

Summary

Null pointer dereference in libr/bin/format/mach0/mach0.c in radareorg/radare2 in GitHub repository radareorg/radare2 prior to 5.7.0. It is likely to be exploitable. For more general description of heap buffer overflow, see [CWE](https://cwe.mitre.org/data/definitions/476.html).

Vulnerable Configurations

Part Description Count
Application
Radare
83

Common Weakness Enumeration (CWE)

References