CVE-2022-0476
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2022-0476
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-0476.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2022-0476
- Downstream
- Related
- Published
- 2022-02-23T17:15:21Z
- Modified
- 2025-10-25T12:13:30.126991Z
- Severity
-
- 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
Denial of Service in GitHub repository radareorg/radare2 prior to 5.6.4.
- References
-
- https://github.com/radareorg/radare2/commit/27fe8031782d3a06c3998eaa94354867864f9f1b
- https://huntr.dev/bounties/81ddfbda-6c9f-4b69-83ff-85b15141e35d
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BZTIMAS53YT66FUS4QHQAFRJOBMUFG6D/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E6YBRQ3UCFWJVSOYIKPVUDASZ544TFND/
Affected packages
Git / github.com/radare/radare2
Affected ranges
- Type
- GIT
- Repo
- https://github.com/radare/radare2
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
0.*
0.10.0
0.10.1
0.10.2
0.10.3
0.10.4
0.10.4-termux4
0.10.5
0.10.6
0.8.6
0.8.8
0.9
0.9.2
0.9.4
0.9.6
0.9.7
0.9.8
0.9.8-rc1
0.9.8-rc2
0.9.8-rc3
0.9.8-rc4
0.9.9
1.*
1.0
1.0.0
1.0.1
1.0.2
1.1.0
1.2.0
1.2.0-git
1.3.0
1.3.0-git
1.4.0
1.5.0
1.6.0
2.*
2.0.0
2.0.1
2.1.0
2.2.0
2.4.0
2.5.0
2.6.0
2.6.9
2.7.0
2.8.0
2.9.0
3.*
3.0.0
3.0.1
3.1.0
3.1.1
3.1.2
3.1.3
3.2.0
3.2.1
3.3.0
3.4.0
3.4.1
3.5.0
3.5.1
3.6.0
3.7.0
3.7.1
3.8.0
3.9.0
4.*
4.0.0
4.1.0
4.1.1
4.2.0
4.2.1
4.3.0
4.3.1
4.4.0
4.5.1
5.*
5.0.0
5.1.0
5.1.1
5.2.0
5.2.1
5.3.0
5.3.1
5.4.0
5.4.0-git
5.4.2
5.5.0
5.5.2
5.5.4
5.6.0
5.6.2
Other
Continuous-Windows
continuous
radare2-windows-nightly
termux
release-5.*
release-5.0.0
Git / github.com/radareorg/radare2
Affected ranges
- Type
- GIT
- Repo
- https://github.com/radareorg/radare2
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
0.*
0.10.0
0.10.1
0.10.2
0.10.3
0.10.4
0.10.4-termux4
0.10.5
0.10.6
0.8.6
0.8.8
0.9
0.9.2
0.9.4
0.9.6
0.9.7
0.9.8
0.9.8-rc1
0.9.8-rc2
0.9.8-rc3
0.9.8-rc4
0.9.9
1.*
1.0
1.0.0
1.0.1
1.0.2
1.1.0
1.2.0
1.2.0-git
1.3.0
1.3.0-git
1.4.0
1.5.0
1.6.0
2.*
2.0.0
2.0.1
2.1.0
2.2.0
2.4.0
2.5.0
2.6.0
2.6.9
2.7.0
2.8.0
2.9.0
3.*
3.0.0
3.0.1
3.1.0
3.1.1
3.1.2
3.1.3
3.2.0
3.2.1
3.3.0
3.4.0
3.4.1
3.5.0
3.5.1
3.6.0
3.7.0
3.7.1
3.8.0
3.9.0
4.*
4.0.0
4.1.0
4.1.1
4.2.0
4.2.1
4.3.0
4.3.1
4.4.0
4.5.1
5.*
5.0.0
5.1.0
5.1.1
5.2.0
5.2.1
5.3.0
5.3.1
5.4.0
5.4.0-git
5.4.2
5.5.0
5.5.2
5.5.4
5.6.0
5.6.2
Other
Continuous-Windows
continuous
radare2-windows-nightly
termux
release-5.*
release-5.0.0
Database specific
vanir_signatures
[
{
"deprecated": false,
"signature_version": "v1",
"digest": {
"length": 14820.0,
"function_hash": "30951102218509125657508997855169083209"
},
"id": "CVE-2022-0476-3a220ff1",
"signature_type": "Function",
"target": {
"file": "libr/bin/format/mdmp/mdmp.c",
"function": "r_bin_mdmp_init_directory_entry"
},
"source": "https://github.com/radareorg/radare2/commit/27fe8031782d3a06c3998eaa94354867864f9f1b"
},
{
"deprecated": false,
"signature_version": "v1",
"digest": {
"length": 1554.0,
"function_hash": "57726893923517054243531246508553198352"
},
"id": "CVE-2022-0476-e6c09487",
"signature_type": "Function",
"target": {
"file": "libr/bin/format/mdmp/mdmp.c",
"function": "read_module"
},
"source": "https://github.com/radareorg/radare2/commit/27fe8031782d3a06c3998eaa94354867864f9f1b"
},
{
"deprecated": false,
"signature_version": "v1",
"digest": {
"threshold": 0.9,
"line_hashes": [
"275552393701754996399944818187420562831",
"51480177302293443646916193371964696135",
"314480006185354930595657700677763741386",
"21954650861929115623157049304817555218",
"18355731262772058910335495027466139696",
"371527752371981527667813065074379901",
"67380094690857646589289312045201740479",
"93389417929244949149505888512970955208",
"8491173396196390764165409862317015326",
"325748450155876567579316472102193188310",
"302924433255959304072951242273194746591",
"141129148654652048000936463932258095245",
"139190525409289618553538949995410604064",
"327060463196547518093117952296179024940",
"166813069265709707090815130303115677730",
"334485001814701075743904403805543050265",
"252235955132967377061563049979141253351",
"3654499069752540487372076948957066643",
"255832320848664819319480054109638424616",
"210652199516857225616360499289167629879",
"239713396576489263359228699178396564971",
"198774643076202029312316672803905827328",
"73090527176070941660333553176784392845",
"275143909127988658102309214329538595171",
"38766445304991449990353127694075245840",
"19089147254544148339618424859009895238",
"76759288173381546199266743911851975938",
"135460446580016438286759417407798751045",
"56478030684151745319972495766314265556",
"3040715323947300299266651073283320936",
"224202863063323426366007037761890757075",
"138648073865610730689899881442717246386",
"137239322999989844071385784306435996622",
"106878851274655195842957897858733672564",
"169763126339712862435407026049424597825",
"132470738571071615673197014893262116511",
"298854007290434620523236644002773896878",
"333471054296165991433124058248951236181",
"45391724356206517019867817570819065745",
"95710905536065879565765253734497900603",
"112456907042217115916445929926071744769",
"76119338820951405394616441881813841563",
"210716101068465694438401522399000463120",
"190677708785556670562150781805907637477",
"49371356146140021249851139224664382330",
"150770014639214903274724779462607151374",
"63718847562543533970913263155600070773",
"136732145705748595238053064694753931566",
"253340830581379928240007730964373495565",
"147494161283379116767313943706642403309",
"133735243076468480192444199853671517087"
]
},
"id": "CVE-2022-0476-f10c5b1b",
"signature_type": "Line",
"target": {
"file": "libr/bin/format/mdmp/mdmp.c"
},
"source": "https://github.com/radareorg/radare2/commit/27fe8031782d3a06c3998eaa94354867864f9f1b"
}
]