Fabre

#1098376 radare2: CVE-2025-1378 #1098376

Package:: src:radare2

Source:: src:radare2

Submitter:: Salvatore Bonaccorso

Date:: 2025-02-24 17:42:02 UTC

Severity:: normal

Tags:

#1098376#5

Date:: 2025-02-19 19:37:38 UTC

From:

To:

Hi,

The following vulnerability was published for radare2.

CVE-2025-1378[0]:
| A vulnerability, which was classified as problematic, was found in
| radare2 5.9.9 33286. Affected is an unknown function in the library
| /libr/main/rasm2.c of the component rasm2. The manipulation leads to
| memory corruption. An attack has to be approached locally. The
| exploit has been disclosed to the public and may be used. Upgrading
| to version 6.0.0 is able to address this issue. The patch is
| identified as c6c772d2eab692ce7ada5a4227afd50c355ad545. It is
| recommended to upgrade the affected component.


If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2025-1378
https://www.cve.org/CVERecord?id=CVE-2025-1378
[1] https://github.com/radareorg/radare2/issues/23953
[2] https://github.com/radareorg/radare2/commit/c6c772d2eab692ce7ada5a4227afd50c355ad545

Regards,
Salvatore

#1098376 radare2: CVE-2025-1378 #1098376

Just Reply to ...

Reply to submitter ...

Send control command (Silently)

Set Architecture Tags (Silently)