Integer overflow in realloc and memcpy calls in core_anal_graph_label. In the process of concatenating source lines based on DWARF data, the resulting size (32bit signed int) can overflow. The sizes of the realloc and memcpy calls differ, and potentially can lead to writes in an unintended location.
Created radare2 tracking bugs for this issue: Affects: epel-all [bug 2152391] Affects: fedora-all [bug 2152392]
This CVE Bugzilla entry is for community support informational purposes only as it does not affect a package in a commercially supported Red Hat product. Refer to the dependent bugs for status of those individual community products.