Source: radare2 Version: 1.1.0+dfsg-5 Severity: important Tags: upstream security
Hi, the following vulnerability was published for radare2, filling the bug for tracking purpose. CVE-2017-9763[0]: | The grub_ext2_read_block function in fs/ext2.c in GNU GRUB before | 2013-11-12, as used in shlr/grub/fs/ext2.c in radare2 1.5.0, allows | remote attackers to cause a denial of service (excessive stack use and | application crash) via a crafted binary file, related to use of a | variable-size stack array. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2017-9763 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9763 Please adjust the affected versions in the BTS as needed. Salvatore _______________________________________________ Secure-testing-team mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-team
