CVE-2025-63745

Medium CVSS: 5.5

A NULL pointer dereference vulnerability was discovered in radare2 6.0.5 and earlier within the info() function of bin_ne.c. A crafted binary input can trigger a segmentation fault, leading to a denial of service when the tool processes malformed data.

Vendor

Radare

Product

Radare2

CWE

CWE-476

Yayın Tarihi

2025-11-14 21:15:45

Güncelleme

2025-11-19 19:01:27

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-476 Radare2 MEDIUM Radare 2025

Referanslar

https://github.com/marlinkcyber/advisories/blob/main/advisories/MCSAID-2025-001-radare2-nullptr-deref-bin_ne.md https://github.com/marlinkcyber/advisories/blob/main/advisories/radare2-nullptr-deref-bin_ne.md https://github.com/radareorg/radare2/commit/6c5df3f8570d4f0c360681c08241ad8af3b919fd https://github.com/radareorg/radare2/issues/24660

Benzer Kayıtlar

Medium

CVE-2025-63744

A NULL pointer dereference vulnerability was discovered in radare2 6.0.5 and earlier within the load() function of bin_d…

Low

CVE-2025-60361

radare2 v5.9.8 and before contains a memory leak in the function bochs_open.

Medium

CVE-2025-60360

radare2 v5.9.8 and before contains a memory leak in the function r2r_subprocess_init.

Medium

CVE-2025-60359

radare2 v5.9.8 and before contains a memory leak in the function r_bin_object_new.

Medium

CVE-2025-60358

radare2 v.5.9.8 and before contains a memory leak in the function _load_relocations.

Low

CVE-2025-5648

A vulnerability was found in Radare2 5.9.9. It has been classified as problematic. Affected is the function r_cons_pal_i…