CVE-2025-63745

CVE-2025-63745

Name

CVE-2025-63745

Description

A NULL pointer dereference vulnerability was discovered in radare2 6.0.5 and earlier within the info() function of bin_ne.c. A crafted binary input can trigger a segmentation fault, leading to a denial of service when the tool processes malformed data.

NVD Severity

medium

Other trackers

CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia

Mailing lists

oss-security, full-disclosure, bugtraq

Exploits

Exploit DB, Metasploit

Forges

GitHub (code, issues), Aports (code, issues)

Type	URI
cve@mitre.org	https://github.com/marlinkcyber/advisories/blob/main/advisories/MCSAID-2025-001-radare2-nullptr-deref-bin_ne.md
cve@mitre.org	https://github.com/marlinkcyber/advisories/blob/main/advisories/radare2-nullptr-deref-bin_ne.md
cve@mitre.org	https://github.com/radareorg/radare2/commit/6c5df3f8570d4f0c360681c08241ad8af3b919fd
cve@mitre.org	https://github.com/radareorg/radare2/issues/24660

Type

URI

cve@mitre.org

https://github.com/marlinkcyber/advisories/blob/main/advisories/MCSAID-2025-001-radare2-nullptr-deref-bin_ne.md

cve@mitre.org

https://github.com/marlinkcyber/advisories/blob/main/advisories/radare2-nullptr-deref-bin_ne.md

cve@mitre.org

https://github.com/radareorg/radare2/commit/6c5df3f8570d4f0c360681c08241ad8af3b919fd

cve@mitre.org

https://github.com/radareorg/radare2/issues/24660

CPE URI	Source package	Min version	Max version
	n/a	== n/a	== n/a

CPE URI

Source package

Min version

Max version

n/a

== n/a

Vulnerable and fixed packages

Source package	Branch	Version	Maintainer	Status
radare2	3.22-community	5.9.8-r0	omni <omni+alpine@hack.org>	possibly vulnerable
radare2	3.22-community	5.8.2-r0	None	possibly vulnerable
radare2	3.22-community	5.8.0-r0	None	possibly vulnerable
radare2	3.22-community	5.7.2-r0	None	possibly vulnerable
radare2	3.22-community	5.7.0-r0	None	possibly vulnerable
radare2	3.22-community	5.6.8-r0	None	possibly vulnerable
radare2	3.22-community	5.6.6-r0	None	possibly vulnerable
radare2	3.22-community	5.6.4-r0	None	possibly vulnerable
radare2	3.22-community	5.6.2-r0	None	possibly vulnerable
radare2	3.22-community	5.6.0-r0	None	possibly vulnerable
radare2	3.22-community	5.5.4-r0	None	possibly vulnerable
radare2	3.22-community	5.5.2-r0	None	possibly vulnerable
radare2	3.22-community	5.4.0-r0	None	possibly vulnerable
radare2	3.22-community	5.3.1-r0	None	possibly vulnerable
radare2	3.22-community	4.5.1-r0	None	possibly vulnerable
radare2	3.22-community	4.5.0-r0	None	possibly vulnerable
radare2	3.22-community	4.4.0-r0	None	possibly vulnerable
radare2	3.22-community	4.0.0-r0	None	possibly vulnerable
radare2	3.22-community	3.9.0-r0	None	possibly vulnerable

Source package

Branch

Version

Maintainer

Status

References

Match rules

Vulnerable and fixed packages