Debian Radare2 vulnerabilities
154 known vulnerabilities affecting debian/radare2.
Total CVEs: 154
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: CRITICAL 14, HIGH 51, MEDIUM 42, LOW 47
Vulnerabilities
CVE-2026-4174 [MEDIUM] CVSS 4.8, 2026
A vulnerability has been found in Radare2 5.9.9. This issue affects the function walk_exports_trie of the file libr/bin/format/mach0/mach0.c of the component Mach-O File Parser. Such manipulation leads to resource consumption. The attack can only be performed from a local environment. The exploit has been disclosed to the public and may be used. The existence of thi

CVE-2025-1744 [CRITICAL] CVSS 10.0, fixed in radare2 6.0.4+dfsg-1 (sid), 2025
Out-of-bounds Write vulnerability in radareorg radare2 allows heap-based buffer over-read or buffer overflow. This issue affects radare2: before <5.9.9.
Scope: local
sid: resolved (fixed in 6.0.4+dfsg-1)

CVE-2025-1864 [CRITICAL] CVSS 10.0, fixed in radare2 6.0.4+dfsg-1 (sid), 2025
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in radareorg radare2 allows Overflow Buffers. This issue affects radare2: before <5.9.9.
Scope: local
sid: resolved (fixed in 6.0.4+dfsg-1)

CVE-2025-63745 [MEDIUM] CVSS 5.5, fixed in radare2 6.0.7+ds-1 (sid), 2025
A NULL pointer dereference vulnerability was discovered in radare2 6.0.5 and earlier within the info() function of bin_ne.c. A crafted binary input can trigger a segmentation fault, leading to a denial of service when the tool processes malformed data.
Scope: local
sid: resolved (fixed in 6.0.7+ds-1)

CVE-2025-60358 [MEDIUM] CVSS 5.5, fixed in radare2 6.0.4+dfsg-1 (sid), 2025
radare2 v.5.9.8 and before contains a memory leak in the function _load_relocations.
Scope: local
sid: resolved (fixed in 6.0.4+dfsg-1)

CVE-2025-60360 [MEDIUM] CVSS 5.5, fixed in radare2 6.0.4+dfsg-1 (sid), 2025
radare2 v5.9.8 and before contains a memory leak in the function r2r_subprocess_init.
Scope: local
sid: resolved (fixed in 6.0.4+dfsg-1)

CVE-2025-1378 [MEDIUM] CVSS 4.8, fixed in radare2 6.0.4+dfsg-1 (sid), 2025
A vulnerability, which was classified as problematic, was found in radare2 5.9.9 33286. Affected is an unknown function in the library /libr/main/rasm2.c of the component rasm2. The manipulation leads to memory corruption. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. Upgrading to version 6.0.0 is able to addre

CVE-2025-60359 [MEDIUM] CVSS 5.5, fixed in radare2 6.0.4+dfsg-1 (sid), 2025
radare2 v5.9.8 and before contains a memory leak in the function r_bin_object_new.
Scope: local
sid: resolved (fixed in 6.0.4+dfsg-1)

CVE-2025-63744 [MEDIUM] CVSS 4.3, fixed in radare2 6.0.7+ds-1 (sid), 2025
A NULL pointer dereference vulnerability was discovered in radare2 6.0.5 and earlier within the load() function of bin_dyldcache.c. Processing a crafted file can cause a segmentation fault and crash the program.
Scope: local
sid: resolved (fixed in 6.0.7+ds-1)

CVE-2025-5645 [LOW] CVSS 2.0, fixed in radare2 6.0.4+dfsg-1 (sid), 2025
A vulnerability, which was classified as problematic, was found in Radare2 5.9.9. This affects the function r_cons_pal_init in the library /libr/cons/pal.c of the component radiff2. The manipulation of the argument -T leads to memory corruption. Attacking locally is a requirement. The complexity of an attack is rather high. The exploitability is told to be difficult. T

CVE-2025-5648 [LOW] CVSS 2.0, fixed in radare2 6.0.4+dfsg-1 (sid), 2025
A vulnerability was found in Radare2 5.9.9. It has been classified as problematic. Affected is the function r_cons_pal_init in the library /libr/cons/pal.c of the component radiff2. The manipulation of the argument -T leads to memory corruption. An attack has to be approached locally. The complexity of an attack is rather high. The exploitability is told to be difficul

CVE-2025-5644 [LOW] CVSS 2.0, fixed in radare2 6.0.4+dfsg-1 (sid), 2025
A vulnerability, which was classified as problematic, has been found in Radare2 5.9.9. Affected by this issue is the function r_cons_flush in the library /libr/cons/cons.c of the component radiff2. The manipulation of the argument -T leads to use after free. Local access is required to approach this attack. The complexity of an attack is rather high. The exploitation i

CVE-2025-5642 [LOW] CVSS 2.0, fixed in radare2 6.0.4+dfsg-1 (sid), 2025
A vulnerability classified as problematic has been found in Radare2 5.9.9. Affected is the function r_cons_pal_init in the library /libr/cons/pal.c of the component radiff2. The manipulation leads to memory corruption. The attack needs to be approached locally. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been

CVE-2025-60361 [LOW] CVSS 3.3, fixed in radare2 6.0.4+dfsg-1 (sid), 2025
radare2 v5.9.8 and before contains a memory leak in the function bochs_open.
Scope: local
sid: resolved (fixed in 6.0.4+dfsg-1)

CVE-2025-5643 [LOW] CVSS 2.0, fixed in radare2 6.0.4+dfsg-1 (sid), 2025
A vulnerability classified as problematic was found in Radare2 5.9.9. Affected by this vulnerability is the function cons_stack_load in the library /libr/cons/cons.c of the component radiff2. The manipulation of the argument -T leads to memory corruption. An attack has to be approached locally. The complexity of an attack is rather high. The exploitation appears to be

CVE-2025-5647 [LOW] CVSS 2.0, fixed in radare2 6.0.4+dfsg-1 (sid), 2025
A vulnerability was found in Radare2 5.9.9 and classified as problematic. This issue affects the function r_cons_context_break_pop in the library /libr/cons/cons.c of the component radiff2. The manipulation of the argument -T leads to memory corruption. The attack needs to be approached locally. The complexity of an attack is rather high. The exploitation is known to b

CVE-2025-5646 [LOW] CVSS 2.0, fixed in radare2 6.0.4+dfsg-1 (sid), 2025
A vulnerability has been found in Radare2 5.9.9 and classified as problematic. This vulnerability affects the function r_cons_rainbow_free in the library /libr/cons/pal.c of the component radiff2. The manipulation of the argument -T leads to memory corruption. It is possible to launch the attack on the local host. The complexity of an attack is rather high. The exploit

CVE-2025-5641 [LOW] CVSS 2.0, fixed in radare2 6.0.4+dfsg-1 (sid), 2025
A vulnerability was found in Radare2 5.9.9. It has been rated as problematic. This issue affects the function r_cons_is_breaked in the library /libr/cons/cons.c of the component radiff2. The manipulation of the argument -T leads to memory corruption. It is possible to launch the attack on the local host. The complexity of an attack is rather high. The exploitation is k

CVE-2024-29646 [CRITICAL] CVSS 9.8, fixed in radare2 5.9.0+dfsg-1 (sid), 2024
Buffer Overflow vulnerability in radarorg radare2 v.5.8.8 allows an attacker to execute arbitrary code via the name, type, or group fields.
Scope: local
sid: resolved (fixed in 5.9.0+dfsg-1)

CVE-2024-29645 [HIGH] CVSS 7.8, fixed in radare2 5.9.0+dfsg-1 (sid), 2024
Buffer Overflow vulnerability in radarorg radare2 v.5.8.8 allows an attacker to execute arbitrary code via the parse_die function.
Scope: local
sid: resolved (fixed in 5.9.0+dfsg-1)