Multiple vulnerabilities in radare2
CENSUS ID: | CENSUS-2022-0001 |
CVE IDs: | CVE-2022-0419, CVE-2021-44974, CVE-2021-44975 |
Affected Products: | radare2 versions prior to 5.6.0 |
Class: | NULL pointer dereference (CWE-476), Heap-based buffer overflow (CWE-122) |
Discovered by: | Angelos T. Kalaitzidis |
CENSUS identified a number of NULL pointer dereference and Heap buffer overflow bugs in the radare2 project code. Radare2 is a popular reverse engineering framework. CENSUS has verified that release 5.6.0 of radare2 carries the appropriate fixes to remediate all of the identified issues.
Multiple NULL pointer dereference vulnerabilities in newlib
CENSUS ID: | CENSUS-2020-0001 |
CVE IDs: | CVE-2019-14871, CVE-2019-14872, CVE-2019-14873, CVE-2019-14874, CVE-2019-14875, CVE-2019-14876, CVE-2019-14877, CVE-2019-14878 |
Affected Products: | newlib versions prior to 3.3.0, its derivatives (e.g. newlib-nano, picolibc and related Platform SDKs such as " GNU ARM Embedded Toolchain 64-bit Linux 8-2018-q4-major") |
Class: | NULL pointer dereference (CWE-476) |
Discovered by: | Dimitrios Glynos |
During the security assessment of a firmware binary a number of NULL pointer dereference bugs were found caused by newlib-nano code. newlib-nano is a C library for use on 32-bit processors that have only a few kB of memory. It turns out that newlib-nano was part of the "GNU ARM Embedded Toolchain" that the chip manufacturer (Microchip/Atmel) delivered for application development purposes. newlib-nano inherits code from the newlib project, which is a C library intended for use on embedded systems. All NULL pointer dereference bugs identified in newlib-nano were inherited by newlib code and therefore CENSUS reported the respective vulnerabilities to the upstream project. Users of the newlib library are advised to update to version 3.3.0 and make sure to build the library sources with the newlib-reent-check-verify 'configure' option enabled.