ByteOS Network

NVD Vulnerability Details :

CVE-2025-1378

Analyzed

Source-cna@vuldb.com

Published At-17 Feb, 2025 | 06:15

Updated At-23 Jun, 2025 | 14:37

A vulnerability, which was classified as problematic, was found in radare2 5.9.9 33286. Affected is an unknown function in the library /libr/main/rasm2.c of the component rasm2. The manipulation leads to memory corruption. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. Upgrading to version 6.0.0 is able to address this issue. The patch is identified as c6c772d2eab692ce7ada5a4227afd50c355ad545. It is recommended to upgrade the affected component.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Secondary	4.0	4.8	MEDIUM	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary	3.1	3.3	LOW	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
Secondary	2.0	1.7	LOW	AV:L/AC:L/Au:S/C:N/I:N/A:P

Type: Secondary

Version: 4.0

Base score: 4.8

Base severity: MEDIUM

Vector:

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Type: Primary

Version: 3.1

Base score: 3.3

Base severity: LOW

Vector:

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

Type: Secondary

Version: 2.0

Base score: 1.7

Base severity: LOW

Vector:

AV:L/AC:L/Au:S/C:N/I:N/A:P

CPE Matches

Radare2 (r2)

>>radare2>>5.9.9

cpe:2.3:a:radare:radare2:5.9.9:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
CWE-119	Primary	cna@vuldb.com

CWE ID: CWE-119

Type: Primary

Source: cna@vuldb.com

References

Hyperlink	Source	Resource
https://github.com/radareorg/radare2/commit/c6c772d2eab692ce7ada5a4227afd50c355ad545	cna@vuldb.com	Patch
https://github.com/radareorg/radare2/issues/23953	cna@vuldb.com	Exploit Issue Tracking Vendor Advisory
https://github.com/radareorg/radare2/issues/23953#issue-2844325926	cna@vuldb.com	Exploit Issue Tracking Vendor Advisory
https://github.com/radareorg/radare2/milestone/86	cna@vuldb.com	Release Notes
https://vuldb.com/?ctiid.295986	cna@vuldb.com	Permissions Required VDB Entry
https://vuldb.com/?id.295986	cna@vuldb.com	Third Party Advisory VDB Entry
https://vuldb.com/?submit.498499	cna@vuldb.com	Third Party Advisory VDB Entry