CVE-2022-28073

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2022-28073

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-28073.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2022-28073

Downstream

UBUNTU-CVE-2022-28073

Published

2023-08-22T19:16:22.843Z

Modified

2025-11-28T03:32:45.968012Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

A use after free in rregset_value function in radare2 5.4.2 and 5.4.0.

References

https://github.com/radareorg/radare2/commit/59a9dfb60acf8b5c0312061cffd9693fc9526053

Affected packages

Git / github.com/radareorg/radare2

Affected ranges

Type: GIT
Repo: https://github.com/radareorg/radare2
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

59a9dfb60acf8b5c0312061cffd9693fc9526053

Affected versions

0.*

0.10.0

0.10.1

0.10.2

0.10.3

0.10.4

0.10.4-termux4

0.10.5

0.10.6

0.8.6

0.8.8

0.9

0.9.2

0.9.4

0.9.6

0.9.7

0.9.8

0.9.8-rc1

0.9.8-rc2

0.9.8-rc3

0.9.8-rc4

0.9.9

1.*

1.0

1.0.0

1.0.1

1.0.2

1.1.0

1.2.0

1.2.0-git

1.3.0

1.3.0-git

1.4.0

1.5.0

1.6.0

2.*

2.0.0

2.0.1

2.1.0

2.2.0

2.4.0

2.5.0

2.6.0

2.6.9

2.7.0

2.8.0

2.9.0

3.*

3.0.0

3.0.1

3.1.0

3.1.1

3.1.2

3.1.3

3.2.0

3.2.1

3.3.0

3.4.0

3.4.1

3.5.0

3.5.1

3.6.0

3.7.0

3.7.1

3.8.0

3.9.0

4.*

4.0.0

4.1.0

4.1.1

4.2.0

4.2.1

4.3.0

4.3.1

4.4.0

4.5.1

5.*

5.0.0

5.1.0

5.1.1

5.2.0

5.2.1

5.3.0

5.3.1

5.4.0

5.4.0-git

5.4.2

Other

Continuous-Windows

continuous

radare2-windows-nightly

termux

release-5.*

release-5.0.0

Database specific

vanir_signatures

[
    {
        "signature_version": "v1",
        "digest": {
            "line_hashes": [
                "107965403694139141800883347947913532701",
                "90858975693036788028608609588124022265",
                "91098963071992624841683449385395680558",
                "22767473244447740504981729120555308088",
                "247000964506623080778811502719665681668",
                "276733396430313155747190658361066390962",
                "226299340826807465848498720845665177618",
                "112396456098419320478828881307016113626",
                "242253239353985117994160421411365598951",
                "337369892757591744372938417976276276080",
                "75895697324596618579084262595050099514",
                "302827732959799927538842265254498105694",
                "166714499320889079419288572959143241326"
            ],
            "threshold": 0.9
        },
        "signature_type": "Line",
        "target": {
            "file": "libr/core/cmd_anal.c"
        },
        "deprecated": false,
        "id": "CVE-2022-28073-48ad4089",
        "source": "https://github.com/radareorg/radare2/commit/59a9dfb60acf8b5c0312061cffd9693fc9526053"
    },
    {
        "signature_version": "v1",
        "digest": {
            "function_hash": "285989314592378426913415680164616220717",
            "length": 8648.0
        },
        "signature_type": "Function",
        "target": {
            "function": "r_core_anal_type_match",
            "file": "libr/core/anal_tp.c"
        },
        "deprecated": false,
        "id": "CVE-2022-28073-78127409",
        "source": "https://github.com/radareorg/radare2/commit/59a9dfb60acf8b5c0312061cffd9693fc9526053"
    },
    {
        "signature_version": "v1",
        "digest": {
            "function_hash": "204028207422224448207553106569323567684",
            "length": 1864.0
        },
        "signature_type": "Function",
        "target": {
            "function": "r_reg_set_value",
            "file": "libr/reg/rvalue.c"
        },
        "deprecated": false,
        "id": "CVE-2022-28073-9d2a54cd",
        "source": "https://github.com/radareorg/radare2/commit/59a9dfb60acf8b5c0312061cffd9693fc9526053"
    },
    {
        "signature_version": "v1",
        "digest": {
            "line_hashes": [
                "318729812593611023103554930368898728989",
                "49773521259689398108543093835176613012",
                "51529064426519814179888507050204380699",
                "104606128581635823925979556556726119891",
                "246242639589626985321667502764054435175",
                "245829021877674134125367048357940842841",
                "181365753083643883803333819815096423015"
            ],
            "threshold": 0.9
        },
        "signature_type": "Line",
        "target": {
            "file": "libr/reg/rvalue.c"
        },
        "deprecated": false,
        "id": "CVE-2022-28073-edaa3853",
        "source": "https://github.com/radareorg/radare2/commit/59a9dfb60acf8b5c0312061cffd9693fc9526053"
    },
    {
        "signature_version": "v1",
        "digest": {
            "function_hash": "338253653074750491800978514334914077827",
            "length": 8545.0
        },
        "signature_type": "Function",
        "target": {
            "function": "cmd_anal_reg",
            "file": "libr/core/cmd_anal.c"
        },
        "deprecated": false,
        "id": "CVE-2022-28073-f38bb3f2",
        "source": "https://github.com/radareorg/radare2/commit/59a9dfb60acf8b5c0312061cffd9693fc9526053"
    },
    {
        "signature_version": "v1",
        "digest": {
            "line_hashes": [
                "217162351361486105630499451692671626250",
                "180232910030786710389110733687392630590",
                "323015404115345229691306406559461738326",
                "128744477728164312191741660526391552979",
                "13015060849857345863188219995292712546",
                "307608947464186904513035752868391610898",
                "225526161422989738646426351772365374436",
                "17471026006023902788232861735162612741",
                "41965731703346872902157036384796507205",
                "337421225254291427843929029252686127228",
                "168989720800178328957008276514095732168",
                "245656965178474216744987159939380588043",
                "22700095761782948234199737776342375501",
                "135889908066765768867101124481055821515",
                "38696921190626502429738861145782385651",
                "286409936264508199882249355947142546207",
                "89791071719949603264578135948408064814"
            ],
            "threshold": 0.9
        },
        "signature_type": "Line",
        "target": {
            "file": "libr/core/anal_tp.c"
        },
        "deprecated": false,
        "id": "CVE-2022-28073-fce9af89",
        "source": "https://github.com/radareorg/radare2/commit/59a9dfb60acf8b5c0312061cffd9693fc9526053"
    }
]

Git / github.com/radare/radare2

Affected ranges

Type: GIT
Repo: https://github.com/radare/radare2
Events: Introduced

0 Unknown introduced commit / All previous commits are affected