Vulnerability & Exploit Database

Back to search

Ubuntu: (Multiple Advisories) (CVE-2018-20459): libcaca vulnerabilities

Severity CVSS Published Added Modified
4 (AV:N/AC:M/Au:N/C:N/I:N/A:P) December 25, 2018 January 24, 2019 January 24, 2019

Description

In radare2 through 3.1.3, the armass_assemble function in libr/asm/arch/arm/armass.c allows attackers to cause a denial-of-service (application crash by out-of-bounds read) by crafting an arm assembly input because a loop uses an incorrect index in armass.c and certain length validation is missing in armass64.c, a related issue to CVE-2018-20457.

Scan For This Vulnerability

Use our top-rated tool to discover, prioritize, and remediate your vulnerabilities

 Free InsightVM Trial

References

Solution

ubuntu-upgrade-caca-utils