Radare2 · Radare2 · CVE-2018-11375
**Name of the Vulnerable Software and Affected Versions**
radare2 version 2.5.0
**Description**
The issue allows remote attackers to cause a denial of service, resulting in a heap-based out-of-bounds read and application crash, via a crafted binary file. This is due to a problem in the ` lds()` function.
**Recommendations**
For radare2 version 2.5.0, as a temporary workaround, consider disabling the ` lds()` function until a patch is available.