PT-2025-6907 · Radare2 · Radare2
Wenjusun
·
Published
2025-02-16
·
Updated
2025-06-23
·
CVE-2025-1378
CVSS v4.0
4.8
Medium
| Vector | AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
Name of the Vulnerable Software and Affected Versions:
radare2 versions 5.9.9 through 5.9.9 33286
Description:
A vulnerability was found in radare2, affecting an unknown function in the library /libr/main/rasm2.c of the component rasm2. The manipulation leads to memory corruption. An attack has to be approached locally. The exploit has been disclosed to the public and may be used.
Recommendations:
To address this issue, upgrade to version 6.0.0. The patch is identified as c6c772d2eab692ce7ada5a4227afd50c355ad545. It is recommended to upgrade the affected component.
Exploit
Fix
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Radare2