Saad Elharaj

**Name of the Vulnerable Software and Affected Versions** radare2 version 6.1.5 **Description** A use-after-free issue exists in the `gdbr threads list()` function. This occurs when a valid qfThreadInfo response is followed by a malformed qsThreadInfo response, allowing remote attackers to trigger memory corruption via GDB remote debugging. This can lead to a denial of service or potential code execution by manipulating thread list processing. **Recommendations** Update to the version provided in the libsdb2 4 2-6.1.4-2.1 package for openSUSE Tumbleweed.

**Name of the Vulnerable Software and Affected Versions** radare2 version 6.1.5 **Description** A use-after-free issue exists in the `gdbr pids list()` function within the GDB client core. Remote attackers can cause a denial of service or potentially execute arbitrary code by sending malformed thread information responses. The issue is triggered when `qsThreadInfo` fails after `qfThreadInfo` has successfully allocated `RDebugPid` structures, leading to double-free memory corruption during the error path cleanup process. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.