Out-of-bounds Read in r_bin_java_bootstrap_methods_attr_new function in GitHub repository radareorg/radare2 prior to 5.7.0. The bug causes the program reads data past the end 2f the intented buffer. Typically, this can allow attackers to read sensitive information from other memory locations or cause a crash. References: https://huntr.dev/bounties/c8f4c2de-7d96-4ad4-857a-c099effca2d6 https://github.com/radareorg/radare2/commit/ecc44b6a2f18ee70ac133365de0e509d26d5e168
Created radare2 tracking bugs for this issue: Affects: epel-7 [bug 2078509] Affects: epel-8 [bug 2078510] Affects: fedora-34 [bug 2078511] Affects: fedora-35 [bug 2078508]
This CVE Bugzilla entry is for community support informational purposes only as it does not affect a package in a commercially supported Red Hat product. Refer to the dependent bugs for status of those individual community products.