SUSE Package Hub - openSUSE-2024-397

Update Info

openSUSE-2024-397

Security update for radare2

Type: security

Severity: important

Issued: 2024-12-09

Description:

This update for radare2 fixes the following issues:

Update to version 5.9.8:

- CVE-2024-29645: buffer overflow vulnerability allows an attacker to
  execute arbitrary code via the parse_die function (boo#1234065).
- For more details, check full release notes:
  https://github.com/radareorg/radare2/releases/tag/5.9.8
  https://github.com/radareorg/radare2/releases/tag/5.9.6
  https://github.com/radareorg/radare2/releases/tag/5.9.4
  https://github.com/radareorg/radare2/releases/tag/5.9.2
  https://github.com/radareorg/radare2/releases/tag/5.9.0 
  https://github.com/radareorg/radare2/releases/tag/5.8.8

References

CVE: CVE-2024-29645
Bugzilla: 1234065 VUL-0: CVE-2024-29645: radare2: buffer overflow vulnerability allows an attacker to execute arbitrary code via the parse_die function

Packages

radare2-5.9.8-bp156.4.3.1