Denial of Service via local use-after-free vulnerability
Summary
A weakness has been identified in radareorg radare2 up to 6.1.6. Impacted is the function r_core_seek_arch_bits of the file libr/core/disasm.c of the component regprofile Handler. Executing a manipulation can lead to use after free. The attack requires local access. The exploit has been made available to the public and could be used for attacks. This patch is called 8b25c773785d85cb0103410a0905089d286921c2. It is advisable to implement a patch to correct this issue. This vulnerability, a use-after-free, affects the `regprofile Handler` component. A local attacker can exploit this flaw by performing a specific manipulation, which could lead to a denial of service, making the application unavailable. Exploitation could result in a denial of service, impacting the availability of the application. The limited scope of this vulnerability, primarily affecting users who execute `radare2` locally, contributes to its lower severity. Red Hat severity: Low — CVSS 3.3 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L). Weakness: CWE-825.
- 6.1.6
Official advisory · high-confidence parse· fetched 2 hours ago·verify at source
Mitigation checklist
- To mitigate this issue, restrict local access to systems where radare2 is installed. If radare2 is not essential for system operation, consider removing the `radare2` package to eliminate the vulnerability.
Official advisory · high-confidence parse· fetched 2 hours ago·verify at source
Discussion(0)
No comments yet. Share field notes, upgrade gotchas, or questions — verify against the vendor advisory before acting on community advice.
Sign in to join the discussion.