When providing crafted input, an attacker can cause r_read_32 within string_scan_range to do an out of bounds read. This causes a segmentation fault, but could also potentially enable information disclosure. Reference: https://huntr.dev/bounties/8a3dc5cb-08b3-4807-82b2-77f08c137a04
Created radare2 tracking bugs for this issue: Affects: epel-all [bug 2092972] Affects: fedora-all [bug 2092971]
This CVE Bugzilla entry is for community support informational purposes only as it does not affect a package in a commercially supported Red Hat product. Refer to the dependent bugs for status of those individual community products.