In radare2 through 3.5.1, the rcc_context function of libr/egg/egg_lang.c mishandles changing context. This allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact (invalid memory access in r_egg_lang_parsechar; invalid free in rcc_pusharg). Reference: https://github.com/radare/radare2/issues/14296
Created radare2 tracking bugs for this issue: Affects: fedora-all [bug 1722733]
Created radare2 tracking bugs for this issue: Affects: epel-7 [bug 1722736]
Upstream patch: https://github.com/radare/radare2/commit/93af319e0af787ede96537d46210369f5c24240c
This CVE Bugzilla entry is for community support informational purposes only as it does not affect a package in a commercially supported Red Hat product. Refer to the dependent bugs for status of those individual community products.