CVE-2022-1714
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2022-1714
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-1714.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2022-1714
- Downstream
- Related
- Published
- 2022-05-13T15:15:08Z
- Modified
- 2025-09-19T13:31:05.073496Z
- Severity
-
- 7.1 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
Out-of-bounds Read in GitHub repository radareorg/radare2 prior to 5.7.0. The bug causes the program reads data past the end of the intented buffer. Typically, this can allow attackers to read sensitive information from other memory locations or cause a crash.
- References
Affected packages
Git / github.com/radare/radare2
Affected ranges
- Type
- GIT
- Repo
- https://github.com/radare/radare2
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
- Type
- GIT
- Repo
- https://github.com/radareorg/radare2
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
0.*
0.10.0
0.10.1
0.10.2
0.10.3
0.10.4
0.10.4-termux4
0.10.5
0.10.6
0.8.6
0.8.8
0.9
0.9.2
0.9.4
0.9.6
0.9.7
0.9.8
0.9.8-rc1
0.9.8-rc2
0.9.8-rc3
0.9.8-rc4
0.9.9
1.*
1.0
1.0.0
1.0.1
1.0.2
1.1.0
1.2.0
1.2.0-git
1.3.0
1.3.0-git
1.4.0
1.5.0
1.6.0
2.*
2.0.0
2.0.1
2.1.0
2.2.0
2.4.0
2.5.0
2.6.0
2.6.9
2.7.0
2.8.0
2.9.0
3.*
3.0.0
3.0.1
3.1.0
3.1.1
3.1.2
3.1.3
3.2.0
3.2.1
3.3.0
3.4.0
3.4.1
3.5.0
3.5.1
3.6.0
3.7.0
3.7.1
3.8.0
3.9.0
4.*
4.0.0
4.1.0
4.1.1
4.2.0
4.2.1
4.3.0
4.3.1
4.4.0
4.5.1
5.*
5.0.0
5.1.0
5.1.1
5.2.0
5.2.1
5.3.0
5.3.1
5.4.0
5.4.0-git
5.4.2
5.5.0
5.5.2
5.5.4
5.6.0
5.6.2
5.6.4
5.6.6
5.6.8
Other
Continuous-Windows
continuous
radare2-windows-nightly
termux
wip
release-5.*
release-5.0.0
Database specific
{
"vanir_signatures": [
{
"source": "https://github.com/radareorg/radare2/commit/3ecdbf8e21186a9c5a4d3cfa3b1e9fd27045340e",
"signature_version": "v1",
"signature_type": "Function",
"id": "CVE-2022-1714-0bbd91b3",
"target": {
"file": "libr/anal/p/anal_msp430.c",
"function": "msp430_op"
},
"digest": {
"function_hash": "86324720542616966538298809989952954510",
"length": 2300.0
},
"deprecated": false
},
{
"source": "https://github.com/radareorg/radare2/commit/3ecdbf8e21186a9c5a4d3cfa3b1e9fd27045340e",
"signature_version": "v1",
"signature_type": "Line",
"id": "CVE-2022-1714-1a81213b",
"target": {
"file": "libr/anal/p/anal_msp430.c"
},
"digest": {
"line_hashes": [
"177417420579055144394241084821437040577",
"316444613106847349041005341136267835092",
"182316125175454606487457047459244555623",
"111343632919560298671967367164740468290",
"295967483295657283756275915491890524548",
"162898000929316584994976621288680099895",
"219401292126605951482239583638923644147",
"116414065711161518329353367765197210694",
"211039599017630820399324571161879430509",
"6427291116859862966166136463419104043",
"242241906878385988863078182647047410595",
"122413304198114382959097985749333433887",
"85083449105094537788512719694610272613",
"275827756013276095648674014237311314121",
"211900180249461324709323700273858330568",
"265699316768205438128819352305495310536",
"174989389388727727712459043171783902291",
"318637843056572209997652457242439548628"
],
"threshold": 0.9
},
"deprecated": false
},
{
"source": "https://github.com/radareorg/radare2/commit/3ecdbf8e21186a9c5a4d3cfa3b1e9fd27045340e",
"signature_version": "v1",
"signature_type": "Function",
"id": "CVE-2022-1714-1e00c1ec",
"target": {
"file": "libr/anal/p/anal_msp430.c",
"function": "set_reg_profile"
},
"digest": {
"function_hash": "69716726496199809416301271541006319754",
"length": 712.0
},
"deprecated": false
},
{
"source": "https://github.com/radareorg/radare2/commit/3ecdbf8e21186a9c5a4d3cfa3b1e9fd27045340e",
"signature_version": "v1",
"signature_type": "Line",
"id": "CVE-2022-1714-4adec5d8",
"target": {
"file": "libr/bin/format/elf/elf.c"
},
"digest": {
"line_hashes": [
"254617247104868186844192770408072220950",
"87869596823553643502033248481197262543",
"47526748355868028490033943719113112847",
"24510545665116993267753243688094167332",
"298739571355266267353506506557690280951",
"84954755610123429458139174673203025767",
"53577395744582064512604227672613925624",
"110921778084438576425307398478203293286",
"271311616370604620348914897342240029434",
"285981489581680649568822597982897728667",
"226121614547176307990005782546670869442",
"277162572562165455444951712939739772684",
"153258959888864301105225015159574632649",
"256322387781634955181709427114388514286",
"90687406599343244094888287244743847044",
"251469199098049864606556685406598840382",
"269734903100459971282103569214964052804",
"24848229392105679954685488934872390325",
"296531087670129702781003156922784792173",
"25087836321098354922765154305020193979",
"151302918598491986830068005401819404310",
"181409338324684818843067937931838910478",
"330110772908732170932782961800792331446",
"240890317687206490838760563035536269231",
"236275475525474109517213818920489565822",
"12087751171903691860139710277192157337",
"31132804784473313244188196564552852928",
"153266041978674641322616006168320829634"
],
"threshold": 0.9
},
"deprecated": false
},
{
"source": "https://github.com/radareorg/radare2/commit/3ecdbf8e21186a9c5a4d3cfa3b1e9fd27045340e",
"signature_version": "v1",
"signature_type": "Function",
"id": "CVE-2022-1714-c6be0e2c",
"target": {
"file": "libr/bin/format/elf/elf.c",
"function": "init_strtab"
},
"digest": {
"function_hash": "88141985908956491779125131748884513398",
"length": 1553.0
},
"deprecated": false
},
{
"source": "https://github.com/radareorg/radare2/commit/3ecdbf8e21186a9c5a4d3cfa3b1e9fd27045340e",
"signature_version": "v1",
"signature_type": "Function",
"id": "CVE-2022-1714-f6b2a774",
"target": {
"file": "libr/bin/format/elf/elf.c",
"function": "init_shdr"
},
"digest": {
"function_hash": "185740228385775914755550912233697238716",
"length": 2888.0
},
"deprecated": false
}
]
}