CVE-2025-63744

Medium CVSS: 4.3

A NULL pointer dereference vulnerability was discovered in radare2 6.0.5 and earlier within the load() function of bin_dyldcache.c. Processing a crafted file can cause a segmentation fault and crash the program.

Vendor

Radare

Product

Radare2

CWE

CWE-476

Yayın Tarihi

2025-11-14 21:15:44

Güncelleme

2025-11-19 19:03:17

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-476 Radare2 MEDIUM Radare 2025

Referanslar

https://github.com/marlinkcyber/advisories/blob/main/advisories/MCSAID-2025-002-radare2-nullptr-deref-bin_dyldcache.md https://github.com/marlinkcyber/advisories/blob/main/advisories/radare2-nullptr-deref-bin_dyldcache.md https://github.com/radareorg/radare2/commit/e37e15d10fd8a19c3e57b3d7735a2cfe0082ec79 https://github.com/radareorg/radare2/issues/24661

Benzer Kayıtlar

Medium

CVE-2025-63745

A NULL pointer dereference vulnerability was discovered in radare2 6.0.5 and earlier within the info() function of bin_n…

Low

CVE-2025-60361

radare2 v5.9.8 and before contains a memory leak in the function bochs_open.

Medium

CVE-2025-60360

radare2 v5.9.8 and before contains a memory leak in the function r2r_subprocess_init.

Medium

CVE-2025-60359

radare2 v5.9.8 and before contains a memory leak in the function r_bin_object_new.

Medium

CVE-2025-60358

radare2 v.5.9.8 and before contains a memory leak in the function _load_relocations.

Low

CVE-2025-5648

A vulnerability was found in Radare2 5.9.9. It has been classified as problematic. Affected is the function r_cons_pal_i…