Debian Security Advisory
DLA-901-1 radare2 -- LTS security update
- Date Reported:
- 17 Apr 2017
- Affected Packages:
- Security database references:
- In Mitre's CVE dictionary: CVE-2017-6448.
- More information:
The dalvik_disassemble function in libr/asm/p/asm_dalvik.c in radare2 1.2.1 allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted DEX file.
For Debian 7
Wheezy, these problems have been fixed in version 0.9-3+deb7u2.
We recommend that you upgrade your radare2 packages.
Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS