UBUNTU-CVE-2026-40527
- Source
- https://ubuntu.com/security/CVE-2026-40527
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-40527.json
- JSON Data
- https://api.osv.dev/v1/vulns/UBUNTU-CVE-2026-40527
- Upstream
- Published
- 2026-04-17T21:16:00Z
- Modified
- 2026-05-20T16:25:40.079134784Z
- Severity
-
- 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
- 8.5 (High) CVSS_V4 - CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N CVSS Calculator
- Ubuntu - medium
- Summary
- [none]
- Details
-
radare2 prior to commit bc5a890 contains a command injection vulnerability in the afsv/afsvj command path where crafted ELF binaries can embed malicious r2 command sequences as DWARF DWTAGformal_parameter names. Attackers can craft a binary with shell commands in DWARF parameter names that execute when radare2 analyzes the binary with aaa and subsequently runs afsvj, allowing arbitrary shell command execution through the unsanitized parameter interpolation in the pfq command string.
- References
Affected packages
Ubuntu:16.04:LTS
radare2
Package
- Name
- radare2
- Purl
- pkg:deb/ubuntu/radare2?arch=source&distro=xenial
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Ecosystem specific
{
"binaries": [
{
"binary_name": "libradare2-0.9.6",
"binary_version": "0.9.6-3.1ubuntu1"
},
{
"binary_name": "libradare2-common",
"binary_version": "0.9.6-3.1ubuntu1"
},
{
"binary_name": "radare2",
"binary_version": "0.9.6-3.1ubuntu1"
},
{
"binary_name": "radare2-plugins",
"binary_version": "0.9.6-3.1ubuntu1"
}
]
}Ubuntu:25.10
radare2
Package
- Name
- radare2
- Purl
- pkg:deb/ubuntu/radare2?arch=source&distro=questing
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Ubuntu:26.04:LTS
radare2
Package
- Name
- radare2
- Purl
- pkg:deb/ubuntu/radare2?arch=source&distro=resolute
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Ubuntu:Pro:18.04:LTS
radare2
Package
- Name
- radare2
- Purl
- pkg:deb/ubuntu/radare2?arch=source&distro=esm-apps%2Fbionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
1.*
1.6.0+dfsg-1
2.*
2.0.0+dfsg-1
2.1.0+dfsg-1
2.3.0+dfsg-1
2.3.0+dfsg-2
2.3.0+dfsg-2ubuntu0.1~esm1
Ubuntu:Pro:20.04:LTS
radare2
Package
- Name
- radare2
- Purl
- pkg:deb/ubuntu/radare2?arch=source&distro=esm-apps%2Ffocal
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
3.*
3.2.1+dfsg-5build1
4.*
4.0.0+dfsg-1
4.2.1+dfsg-1
4.2.1+dfsg-2
4.2.1+dfsg-2ubuntu0.1~esm1
Ubuntu:Pro:24.04:LTS
radare2
Package
- Name
- radare2
- Purl
- pkg:deb/ubuntu/radare2?arch=source&distro=esm-apps%2Fnoble
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
5.*
5.5.0+dfsg-1ubuntu1
5.5.0+dfsg-1.1ubuntu2
5.5.0+dfsg-1.1ubuntu3
5.5.0+dfsg-1.1ubuntu3+esm1