Radare2 has a use-after-free vulnerability in pyc parser's get_none_object function. Attacker can read freed memory afterwards. This will allow attackers to cause denial of service.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:HRadare Radare2
APPRadare5.3.0
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
DoSMemory
Related vulnerabilities
CVE-2025-1864CRITICAL10.0PL ✓ten sam produkt
Buffer overflow w radare2 — przepełnienie bufora pamięci (CVSS 10.0)
CVE-2025-1744CRITICAL10.0PL ✓ten sam produkt
Krytyczny Out-of-bounds Write (heap buffer overflow) w Radare2
CVE-2024-29646CRITICAL9.8PL ✓ten sam produkt
Buffer Overflow w Radare2 umożliwiający wykonanie dowolnego kodu (RCE)
CVE-2023-46569CRITICAL9.8ten sam produkt
An out-of-bounds read in radare2 v.5.8.9 and before exists in the print_insn32_fpu function of libr/arch/p/nds...
CVE-2023-46570CRITICAL9.8ten sam produkt
An out-of-bounds read in radare2 v.5.8.9 and before exists in the print_insn32 function of libr/arch/p/nds32/n...