{"id":"CVE-2018-11376","details":"The r_read_le32() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted ELF file.","modified":"2026-04-10T02:00:51.377614Z","published":"2018-05-22T19:29:00.270Z","references":[{"type":"ADVISORY","url":"https://github.com/radare/radare2/issues/9904"},{"type":"FIX","url":"https://github.com/radare/radare2/commit/1f37c04f2a762500222dda2459e6a04646feeedf"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/radare/radare2","events":[{"introduced":"0"},{"last_affected":"c2b7d11ca74cd98eba8912d94ec0973cf2965697"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"2.5.0"}]}},{"type":"GIT","repo":"https://github.com/radareorg/radare2","events":[{"introduced":"0"},{"fixed":"1f37c04f2a762500222dda2459e6a04646feeedf"}]}],"versions":["0.10.0","0.10.1","0.10.2","0.10.3","0.10.4","0.10.4-termux4","0.10.5","0.10.6","0.8.6","0.8.8","0.9","0.9.2","0.9.4","0.9.6","0.9.7","0.9.8","0.9.8-rc1","0.9.8-rc2","0.9.8-rc3","0.9.8-rc4","0.9.9","1.0","1.0.0","1.0.1","1.0.2","1.1.0","1.2.0","1.2.0-git","1.3.0","1.3.0-git","1.4.0","1.5.0","1.6.0","2.0.0","2.0.1","2.1.0","2.2.0","2.4.0","2.5.0","radare2-windows-nightly","termux"],"database_specific":{"vanir_signatures":[{"id":"CVE-2018-11376-1236e4bf","deprecated":false,"source":"https://github.com/radareorg/radare2/commit/1f37c04f2a762500222dda2459e6a04646feeedf","target":{"file":"libr/core/cbin.c"},"digest":{"threshold":0.9,"line_hashes":["74147868421164778536266043603420534155","94012138497178765259711521921749933602","127318990783415709744242895765158527360","127253702788854721694552368469173099888"]},"signature_version":"v1","signature_type":"Line"},{"id":"CVE-2018-11376-a48149a5","deprecated":false,"source":"https://github.com/radareorg/radare2/commit/1f37c04f2a762500222dda2459e6a04646feeedf","target":{"function":"bin_entry","file":"libr/core/cbin.c"},"digest":{"length":3340,"function_hash":"268876414047930744123853343933127487284"},"signature_version":"v1","signature_type":"Function"},{"id":"CVE-2018-11376-bf0ed46e","deprecated":false,"source":"https://github.com/radareorg/radare2/commit/1f37c04f2a762500222dda2459e6a04646feeedf","target":{"file":"libr/bin/p/bin_elf.c"},"digest":{"threshold":0.9,"line_hashes":["239465907582288234478493190199706323560","265047590234715799993876434927710511677","73638889202388708246382006019522487151","203492581216947726462311589824830531931","111223670578665787765158084771167683025","310554751992119742824921622046783105906","244373275692055250934245746795551528343","144292358253911142672534763828864318582"]},"signature_version":"v1","signature_type":"Line"},{"id":"CVE-2018-11376-d254ef0b","deprecated":false,"source":"https://github.com/radareorg/radare2/commit/1f37c04f2a762500222dda2459e6a04646feeedf","target":{"function":"process_constructors","file":"libr/bin/p/bin_elf.c"},"digest":{"length":1117,"function_hash":"192691691577455363091545508820585713191"},"signature_version":"v1","signature_type":"Function"}],"vanir_signatures_modified":"2026-04-10T02:00:51Z","source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2018-11376.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}]}