Debian Security Advisory

DLA-1016-1 radare2 -- LTS security update

Date Reported:
06 Jul 2017
Affected Packages:
Security database references:
In Mitre's CVE dictionary: CVE-2017-10929.
More information:

It was discovered that there was a heap-based buffer overflow in radare2, a reverse-engineering framework. The grub_memmove function allowed attackers to cause a remote denial of service.

For Debian 7 Wheezy, this issue has been fixed in radare2 version 0.9-3+deb7u3.

We recommend that you upgrade your radare2 packages.