Impact
The vulnerability resides in the r_core_bin_load function of radare2’s core file loader. It allows a local attacker to trigger a use‑after‑free condition, causing the program to access freed memory. The flaw is classified as CWE‑119 and CWE‑416, and can lead to program crashes, memory corruption, or, in the worst scenario, arbitrary code execution when an attacker can control the data passed to the function.
Affected Systems
The flaw affects radareorg radare2 up to and including version 6.1.6. Any installation running these releases is susceptible unless the commit 635ab1eeb30340c26076722a90cb91fb2272130b has been applied.
Risk and Exploitability
The CVSS score of 4.8 indicates medium severity for a local exploitation. The EPSS score is < 1%, indicating a very low likelihood of exploitation, and it is not listed in CISA’s KEV catalog. Nevertheless, the exploit has been publicly disclosed, so a user with local access to radare2 could potentially trigger memory corruption or arbitrary code execution.
OpenCVE Enrichment