CVE-2022-1451

7.1 HIGH

📋 TL;DR

This vulnerability in radare2 allows attackers to read memory beyond intended buffer boundaries in the Java constant value attribute parsing function. It affects users of radare2 versions prior to 5.7.0, potentially exposing sensitive information or causing application crashes.

💻 Affected Systems

Products:
  • radare2
Versions: All versions prior to 5.7.0
Operating Systems: All platforms where radare2 runs (Linux, Windows, macOS, BSD)
Default Config Vulnerable: ⚠️ Yes
Notes: Vulnerability triggers when parsing Java class files with malformed constant value attributes.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Information disclosure of sensitive memory contents including passwords, keys, or other application data leading to complete system compromise.

🟠 Likely Case

Application crash (denial of service) or limited information disclosure from adjacent memory regions.

🟢 If Mitigated

Minimal impact if proper memory protections (ASLR, DEP) are enabled and the application runs with limited privileges.

🌐 Internet-Facing: LOW - radare2 is primarily a local analysis tool and is not typically exposed to the internet.
🏢 Internal Only: MEDIUM - Attackers with local access could exploit this to read sensitive data from memory.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires local access or ability to feed malicious Java class files to radare2.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 5.7.0 and later

Vendor Advisory: https://github.com/radareorg/radare2/commit/0927ed3ae99444e7b47b84e43118deb10fe37529

Restart Required: No

Instructions:

1. Update radare2 to version 5.7.0 or later using your package manager.
2. For source installations: git pull from repository and rebuild.
3. Verify installation with 'r2 -v'.

🔧 Temporary Workarounds

Avoid parsing untrusted Java files
Platform: all

Restrict radare2 from processing untrusted Java class files

Run with reduced privileges
Platform: linux

Execute radare2 with minimal permissions to limit impact

sudo -u nobody r2 [file]

🧯 If You Can't Patch

  • Isolate radare2 usage to trusted environments only
  • Implement strict file validation before feeding to radare2

🔍 How to Verify

Check if Vulnerable:

Run 'r2 -v' and check if version is below 5.7.0

Check Version:

r2 -v | grep -oE '[0-9]+\.[0-9]+\.[0-9]+'

Verify Fix Applied:

Confirm version is 5.7.0 or higher with 'r2 -v'
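
The version check above as a script (an added example, not part of the original advisory or the radare2 project). It compares each version component numerically, so 5.10.0 is correctly treated as newer than 5.7.0. The function names and the sample `r2 -v` lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: decide whether a radare2 version predates the 5.7.0 fix.
FIXED="5.7.0"

# Extract the first x.y.z version from `r2 -v` style output read on stdin.
extract_version() {
    grep -oE '[0-9]+\.[0-9]+\.[0-9]+' | head -n 1
}

# Return 0 (true) when version $1 is numerically lower than version $2.
version_lt() {
    old_ifs=$IFS; IFS=.
    set -- $1 $2          # $1..$3 = candidate, $4..$6 = reference
    IFS=$old_ifs
    [ "$1" -lt "$4" ] && return 0; [ "$1" -gt "$4" ] && return 1
    [ "$2" -lt "$5" ] && return 0; [ "$2" -gt "$5" ] && return 1
    [ "$3" -lt "$6" ]
}

# Print "vulnerable <ver>", "patched <ver>" or "unknown" for stdin input.
classify() {
    ver=$(extract_version)
    [ -n "$ver" ] || { echo "unknown"; return 2; }
    if version_lt "$ver" "$FIXED"; then
        echo "vulnerable $ver"
    else
        echo "patched $ver"
    fi
}

# Constructed sample lines (not captured from a real system).
SAMPLE_OLD='radare2 5.6.8 0 @ linux-x86-64 git.5.6.8'
SAMPLE_NEW='radare2 5.10.0 0 @ linux-x86-64 git.5.10.0'

printf '%s\n' "$SAMPLE_OLD" | classify
printf '%s\n' "$SAMPLE_NEW" | classify
# On a real host: r2 -v | classify
```
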

📡 Detection & Monitoring

Log Indicators:

  • Segmentation fault crashes in radare2
  • Abnormal memory access patterns

SIEM Query:

process_name:"r2" AND (event_type:"crash" OR exit_code:139)
