CVE-2023-47016

7.5 HIGH

📋 TL;DR

CVE-2023-47016 is an out-of-bounds read vulnerability in radare2's binary object handling that can cause application crashes. Attackers could potentially exploit this to read sensitive memory contents or cause denial of service. Users of radare2 5.8.9 and potentially earlier versions are affected.

💻 Affected Systems

Products:
  • radare2
Versions: 5.8.9 and potentially earlier versions (exact range not specified in CVE)
Operating Systems: Linux, Windows, macOS, BSD
Default Config Vulnerable: ⚠️ Yes
Notes: Vulnerability triggers when processing binary files with the affected functions. All installations with vulnerable versions are affected regardless of configuration.

⚠️ Risk & Real-World Impact

🔴

Worst Case

Information disclosure through memory read, potential remote code execution if combined with other vulnerabilities, or denial of service causing radare2 to crash.

🟠

Likely Case

Application crash when processing malformed binary files, leading to denial of service for reverse engineering workflows.

🟢

If Mitigated

Limited impact with proper input validation and sandboxing, potentially just crashes without data leakage.

🌐 Internet-Facing: LOW - radare2 is typically used as a local reverse engineering tool, not as an internet-facing service.
🏢 Internal Only: MEDIUM - While primarily local, malicious binary files could be processed internally, causing crashes or potential information disclosure.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Proof of concept available in GitHub references. Exploitation requires feeding a specially crafted binary file to radare2.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Fixed in commit 40c9f50e127be80b9d816bce2ab2ee790831aefd and later versions

Vendor Advisory: https://github.com/radareorg/radare2/commit/40c9f50e127be80b9d816bce2ab2ee790831aefd

Restart Required: No

Instructions:

1. Update radare2 to the latest version from the official repository.
2. For source installations: git pull from the radare2 repo and rebuild.
3. For package managers: use the system package manager to update the radare2 package.

🔧 Temporary Workarounds

Avoid processing untrusted binaries

all

Only use radare2 with trusted binary files from verified sources

Use sandboxed environment

linux

Run radare2 in container or VM when analyzing potentially malicious files

docker run --rm -it -v "$(pwd)":/workdir radareorg/radare2:latest

🧯 If You Can't Patch

  • Restrict radare2 usage to trusted users only
  • Implement file integrity checking for binary files before analysis

🔍 How to Verify

Check if Vulnerable:

Check radare2 version with 'r2 -v' and compare to vulnerable version 5.8.9

Check Version:

r2 -v | head -1

Verify Fix Applied:

Verify that the installed build includes commit 40c9f50e127be80b9d816bce2ab2ee790831aefd or a later one, or test with the known PoC file

📡 Detection & Monitoring

Log Indicators:

  • Radare2 crash logs
  • Segmentation fault errors in system logs
  • Abnormal process termination

Network Indicators:

  • None - local tool only

SIEM Query:

Process:radare2 AND (EventID:1000 OR Signal:SIGSEGV)
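The log indicators above can be checked on Linux by filtering kernel segfault messages for radare2 processes. The following is an added example, not part of the original advisory or the radare2 project; it assumes the standard Linux kernel segfault line format, that the tool runs as `radare2` or `r2`, and x86 page-fault error codes. The sample log lines are constructed.

```python
import re
from collections import Counter

# Linux kernel format for an unhandled SIGSEGV in a user process:
#   comm[pid]: segfault at ADDR ip ADDR sp ADDR error N in OBJECT[...]
SEGFAULT = re.compile(
    r"(?P<comm>[^\s\[\]]+)\[(?P<pid>\d+)\]: segfault at (?P<addr>[0-9a-f]+) "
    r"ip (?P<ip>[0-9a-f]+) sp [0-9a-f]+ error (?P<err>\d+)"
    r"(?: in (?P<obj>[^\s\[]+))?"
)
# Assumption: radare2 is started as "radare2" or through its "r2" alias.
R2_NAMES = {"radare2", "r2"}

def radare2_segfaults(lines):
    """Return one dict per kernel segfault line raised by a radare2 process."""
    hits = []
    for line in lines:
        m = SEGFAULT.search(line)
        if not m or m["comm"] not in R2_NAMES:
            continue
        err = int(m["err"])
        hits.append({
            "pid": int(m["pid"]),
            "fault_addr": m["addr"],
            "object": m["obj"] or "unknown",
            # x86 page-fault error code: 0x2 set = write access, clear = read.
            "access": "write" if err & 2 else "read",
        })
    return hits

def summarize(hits):
    """Count crashes per (faulting object, access type) for alerting."""
    return Counter((h["object"], h["access"]) for h in hits)

# Constructed sample lines (not taken from a real system).
SAMPLE = [
    "Nov 02 10:14:07 lab kernel: radare2[4211]: segfault at 7f3a1c0ff008 ip 00007f3a1b2c4e10 sp 00007ffd5a3b1c40 error 4 in libr_bin.so[7f3a1b280000+9a000]",
    "Nov 02 10:15:31 lab kernel: r2[4302]: segfault at 7f90e40ff008 ip 00007f90e32c4e10 sp 00007ffe1b0a2d10 error 4 in libr_bin.so[7f90e3280000+9a000]",
    "Nov 02 10:16:02 lab kernel: nginx[913]: segfault at 10 ip 000055d0c1a2b3f0 sp 00007ffc2a1d0e80 error 6 in nginx[55d0c1a00000+c0000]",
    "Nov 02 10:17:45 lab sshd[1200]: Accepted publickey for analyst from 10.0.0.5",
]

if __name__ == "__main__":
    for key, count in summarize(radare2_segfaults(SAMPLE)).items():
        print(key, count)
```

Repeated read faults from the same object shortly after an analyst opens a new sample are the pattern worth alerting on; a single crash is weaker evidence.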
