Out-of-Bounds Write Vulnerability in Radare2 by Radareorg
CVE-2025-1744

10CRITICAL

Key Information:

Vendor: Radareorg
Status: Radare2
Vendor: CVE Published:; 28 February 2025

Summary

Radare2, developed by Radareorg, is impacted by an out-of-bounds write vulnerability that may lead to heap-based buffer over-read or buffer overflow issues. This vulnerability affects all versions prior to 5.9.9, allowing potential attackers to exploit the memory management flaws within the application. Affected users should apply the latest patches to mitigate the risks associated with this vulnerability.

Affected Version(s)

radare2 0

References

https://github.com/radareorg/radare2/pull/23969

patchthird-party-advisory

CVSS V4

Score:

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Timeline

Vulnerability published
Feb 28, 2025
Vulnerability Reserved
Feb 27, 2025

Credit

TITAN Team ([email protected])