{"id":"CVE-2018-20456","details":"In radare2 prior to 3.1.1, the parseOperand function inside libr/asm/p/asm_x86_nz.c may allow attackers to cause a denial of service (application crash in libr/util/strbuf.c via a stack-based buffer over-read) by crafting an input file, a related issue to CVE-2018-20455.","modified":"2026-04-11T18:21:41.590232Z","published":"2018-12-25T19:29:00.290Z","references":[{"type":"FIX","url":"https://github.com/radare/radare2/commit/9b46d38dd3c4de6048a488b655c7319f845af185"},{"type":"EVIDENCE","url":"https://github.com/radare/radare2/issues/12372"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/radareorg/radare2","events":[{"introduced":"0"},{"fixed":"b143e1b1b5622ef2f41a90f4c0f7ed4c477caf40"},{"fixed":"9b46d38dd3c4de6048a488b655c7319f845af185"}],"database_specific":{"extracted_events":[{"introduced":"0"},{"fixed":"3.1.1"}],"source":["CPE_FIELD","REFERENCES"],"cpe":"cpe:2.3:a:radare:radare2:*:*:*:*:*:*:*:*"}}],"versions":["0.10.0","0.10.1","0.10.2","0.10.3","0.10.4","0.10.4-termux4","0.10.5","0.10.6","0.8.6","0.8.8","0.9","0.9.2","0.9.4","0.9.6","0.9.7","0.9.8","0.9.8-rc1","0.9.8-rc2","0.9.8-rc3","0.9.8-rc4","0.9.9","1.0","1.0.0","1.0.1","1.0.2","1.1.0","1.2.0","1.2.0-git","1.3.0","1.3.0-git","1.4.0","1.5.0","1.6.0","2.0.0","2.0.1","2.1.0","2.2.0","2.4.0","2.5.0","2.6.0","2.6.9","2.7.0","2.8.0","2.9.0","3.0.0","3.0.1","3.1.0","radare2-windows-nightly","termux"],"database_specific":{"vanir_signatures":[{"target":{"file":"libr/asm/p/asm_x86_nz.c"},"id":"CVE-2018-20456-12083b99","deprecated":false,"digest":{"threshold":0.9,"line_hashes":["287563844518738372540492355256887605510","154030790810353506561247573542257707616","299048507215615140573861349704480736692","133484721511297008548342860166532970043","211085004133498429022153721181795411540","163106375559988463997621985507090702017","125106167249319808806643936228523924659","185860799196688166662981121099172141380","171202455950132557202221277368782958716","250822622038939554156903351005755318314"]},"signature_version":"v1","signature_type":"Line","source":"https://github.com/radareorg/radare2/commit/9b46d38dd3c4de6048a488b655c7319f845af185"},{"target":{"function":"parseOperand","file":"libr/asm/p/asm_x86_nz.c"},"id":"CVE-2018-20456-4ccec22c","deprecated":false,"digest":{"length":4509,"function_hash":"124244210738418854769393893325943212901"},"signature_version":"v1","signature_type":"Function","source":"https://github.com/radareorg/radare2/commit/9b46d38dd3c4de6048a488b655c7319f845af185"},{"target":{"function":"r_buf_read_string","file":"libr/bin/format/mach0/dyldcache.c"},"id":"CVE-2018-20456-74212d20","deprecated":false,"digest":{"length":217,"function_hash":"161720472885181522724332432472867243711"},"signature_version":"v1","signature_type":"Function","source":"https://github.com/radareorg/radare2/commit/b143e1b1b5622ef2f41a90f4c0f7ed4c477caf40"},{"target":{"file":"libr/bin/format/mach0/dyldcache.c"},"id":"CVE-2018-20456-b11dda58","deprecated":false,"digest":{"threshold":0.9,"line_hashes":["91826688001801390993882391060580842390","153573451393114912523381648709776456045","76273051819025290594568241401172330628","223983239877208572709103316397190836729","182546693358306982969485629985754146842"]},"signature_version":"v1","signature_type":"Line","source":"https://github.com/radareorg/radare2/commit/b143e1b1b5622ef2f41a90f4c0f7ed4c477caf40"}],"vanir_signatures_modified":"2026-04-11T18:21:41Z","source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2018-20456.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}]}