openSUSE-SU-2024:0397-1

See a problem?
Import Source
https://ftp.suse.com/pub/projects/security/osv/openSUSE-SU-2024:0397-1.json
JSON Data
https://api.test.osv.dev/v1/vulns/openSUSE-SU-2024:0397-1
Related
Published
2024-12-09T10:44:56Z
Modified
2025-05-08T17:48:29.794512Z
Upstream
Summary
Security update for radare2
Details

This update for radare2 fixes the following issues:

Update to version 5.9.8:

  • CVE-2024-29645: buffer overflow vulnerability allows an attacker to execute arbitrary code via the parse_die function (boo#1234065).
  • For more details, check full release notes: https://github.com/radareorg/radare2/releases/tag/5.9.8 https://github.com/radareorg/radare2/releases/tag/5.9.6 https://github.com/radareorg/radare2/releases/tag/5.9.4 https://github.com/radareorg/radare2/releases/tag/5.9.2 https://github.com/radareorg/radare2/releases/tag/5.9.0 https://github.com/radareorg/radare2/releases/tag/5.8.8
References

Affected packages

SUSE:Package Hub 15 SP6 / radare2

Package

Name
radare2
Purl
pkg:rpm/suse/radare2&distro=SUSE%20Package%20Hub%2015%20SP6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.9.8-bp156.4.3.1

Ecosystem specific 

{
    "binaries": [
        {
            "radare2-devel": "5.9.8-bp156.4.3.1",
            "radare2-zsh-completion": "5.9.8-bp156.4.3.1",
            "radare2": "5.9.8-bp156.4.3.1"
        }
    ]
}

openSUSE:Leap 15.6 / radare2

Package

Name
radare2
Purl
pkg:rpm/opensuse/radare2&distro=openSUSE%20Leap%2015.6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.9.8-bp156.4.3.1

Ecosystem specific 

{
    "binaries": [
        {
            "radare2-devel": "5.9.8-bp156.4.3.1",
            "radare2-zsh-completion": "5.9.8-bp156.4.3.1",
            "radare2": "5.9.8-bp156.4.3.1"
        }
    ]
}