PT-2025-9052 · Radare2 · Radare2

Abergmann

Published

2025-02-28

Updated

2026-01-07

CVE-2025-1744

CVSS v4.0

Critical

Vector

AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

Name of the Vulnerable Software and Affected Versions radare2 versions prior to 5.9.9

Description The issue is an Out-of-bounds Write vulnerability that allows heap-based buffer over-read or buffer overflow. This can lead to a buffer overflow, which is a type of attack where more data is written to a buffer than it is designed to hold, potentially causing the program to crash or allowing an attacker to execute arbitrary code.

Recommendations For versions prior to 5.9.9, update to version 5.9.9 or later to resolve the issue. As a temporary workaround, consider restricting access to the vulnerable components of radare2 until a patch is applied.

Fix

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787

Related Identifiers

AZL-57501

AZL-57512

AZL-57518

AZL-57521

AZL-57524

AZL-57528

AZL-57533

AZL-57590

AZL-57629

AZL-57633

AZL-57636

AZL-57639

AZL-57644

CVE-2025-1744

MGASA-2025-0116

OPENSUSE-SU-2025:0101-1

OPENSUSE-SU-2025:15292-1

OPENSUSE-SU-2026:20653-1

Affected Products

Radare2

PT-2025-9052 · Radare2 · Radare2

CVE-2025-1744

Weakness Enumeration

Related Identifiers

Affected Products

References · 39