A heap buffer overflow in r_sleb128 function in radare2 5.4.2 and 5.4.0.
{ "vanir_signatures": [ { "id": "CVE-2022-28068-14f38dc0", "signature_type": "Line", "target": { "file": "libr/bin/dwarf.c" }, "digest": { "line_hashes": [ "113837310268751448641403520284314812811", "206688385093915369104097403104644720568", "218099256406656212753611725523765836218", "30507648515732160706688115558476191857", "239035140707503037010471151689633606910", "258908663129137101848959621218764528207", "335376066240700029054636823905917883579", "233674267950573847692643077292406997111", "264398132028989539020330616796105961426", "37749535327945142470311525596678974825", "202616321936041362404375802625483100988", "245223709205287354195091292829153899824", "296075304100906190052998259140835302351", "217548883087933380467182783140133997739", "213516188384106055895269244112698154155", "274508398396134117530309629974257745171", "2481241751616234209358577912809522606", "180873842160432547409560798588096564109", "136808839989247509364601328491274072736", "293433430048895794929028640315133940158", "188359166997355383253660578089051140815", "5475766128709698867215720479269445193", "224382174109098481271058031436060486414", "114796835824639032197401226091527528534", "311610227294147671784721435395916121740", "16613822707924235879918298289391541407", "192472961614426703705863445508219324534", "40151045710128673145912214578937707024" ], "threshold": 0.9 }, "source": "https://github.com/radareorg/radare2/commit/637f4bd1af6752e28e0a9998e954e2e9ce6fa992", "signature_version": "v1", "deprecated": false }, { "id": "CVE-2022-28068-950410d6", "signature_type": "Function", "target": { "file": "libr/bin/dwarf.c", "function": "parse_die" }, "digest": { "function_hash": "225075812382039480808810230574922679775", "length": 814.0 }, "source": "https://github.com/radareorg/radare2/commit/637f4bd1af6752e28e0a9998e954e2e9ce6fa992", "signature_version": "v1", "deprecated": false }, { "id": "CVE-2022-28068-9c0265b1", "signature_type": "Line", "target": { "file": "libr/anal/dwarf_process.c" }, "digest": { "line_hashes": [ "82808495555599534220823637966100775237", "34467357746302134185901643176622134549", "308883440703698160702040353526171717712", "94257197606966392613591060671082308682", "142761272106886067729098819553060707017", "203408319474404891445168413634361605148", "314118469412744712115824633152849316779", "311830455758858365309103188013608426700", "61586589386366154080680905726490631896", "293018717090580508195179172446439188250", "45849837503433876567661834699778748985", "7267481447773605661459912914922939839", "57643439829971059973548547749747315221", "214856441681586453239644785692720112893", "273312648645288454808199991506043630724", "81704208859240338066760786810120184801" ], "threshold": 0.9 }, "source": "https://github.com/radareorg/radare2/commit/637f4bd1af6752e28e0a9998e954e2e9ce6fa992", "signature_version": "v1", "deprecated": false }, { "id": "CVE-2022-28068-9de60fa3", "signature_type": "Function", "target": { "file": "libr/bin/dwarf.c", "function": "dwarf_read_offset" }, "digest": { "function_hash": "176274961685585861596881861180921783587", "length": 203.0 }, "source": "https://github.com/radareorg/radare2/commit/637f4bd1af6752e28e0a9998e954e2e9ce6fa992", "signature_version": "v1", "deprecated": false }, { "id": "CVE-2022-28068-d9ab99b6", "signature_type": "Function", "target": { "file": "libr/anal/dwarf_process.c", "function": "parse_dwarf_location" }, "digest": { "function_hash": "223765876627598769785066152449158520670", "length": 4081.0 }, "source": "https://github.com/radareorg/radare2/commit/637f4bd1af6752e28e0a9998e954e2e9ce6fa992", "signature_version": "v1", "deprecated": false } ] }