CVE-2025-1378

Medium CVSS: 4.8

A vulnerability, which was classified as problematic, was found in radare2 5.9.9 33286. Affected is an unknown function in the library /libr/main/rasm2.c of the component rasm2. The manipulation leads to memory corruption. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. Upgrading to version 6.0.0 is able to address this issue. The patch is identified as c6c772d2eab692ce7ada5a4227afd50c355ad545. It is recommended to upgrade the affected component.

Vendor

Radare

Product

Radare2

CWE

CWE-119

Yayın Tarihi

2025-02-17 06:15:13

Güncelleme

2025-06-23 14:37:28

Source Identifier

cna@vuldb.com

KEV Date Added

Kategoriler

CWE-119 Radare2 MEDIUM Radare 2025

Referanslar

https://github.com/radareorg/radare2/commit/c6c772d2eab692ce7ada5a4227afd50c355ad545 https://github.com/radareorg/radare2/issues/23953 https://github.com/radareorg/radare2/issues/23953#issue-2844325926 https://github.com/radareorg/radare2/milestone/86 https://vuldb.com/?ctiid.295986 https://vuldb.com/?id.295986 https://vuldb.com/?submit.498499

Benzer Kayıtlar

Medium

CVE-2025-63745

A NULL pointer dereference vulnerability was discovered in radare2 6.0.5 and earlier within the info() function of bin_n…

Medium

CVE-2025-63744

A NULL pointer dereference vulnerability was discovered in radare2 6.0.5 and earlier within the load() function of bin_d…

Low

CVE-2025-60361

radare2 v5.9.8 and before contains a memory leak in the function bochs_open.

Medium

CVE-2025-60360

radare2 v5.9.8 and before contains a memory leak in the function r2r_subprocess_init.

Medium

CVE-2025-60359

radare2 v5.9.8 and before contains a memory leak in the function r_bin_object_new.

Medium

CVE-2025-60358

radare2 v.5.9.8 and before contains a memory leak in the function _load_relocations.