Overview
CVE-2025-63745 describes a NULL pointer dereference vulnerability found in radare2, a reverse engineering framework. Specifically, the vulnerability exists within the info() function of the bin_ne.c file. This flaw can be triggered when radare2 processes a specially crafted binary input. The result of exploiting this vulnerability is a segmentation fault, which leads to a denial-of-service (DoS) condition. This means an attacker can cause radare2 to crash, preventing legitimate users from using the tool.
Technical Details
The vulnerability stems from a potential NULL pointer dereference within the info() function in bin_ne.c. When radare2 encounters a malformed or unexpected structure in a binary file (likely a New Executable (NE) format file based on the affected file name), the info() function may attempt to access memory through a NULL pointer. This is typically due to insufficient input validation or error handling within the function. The radare2 developers have addressed the flaw by ensuring proper pointer checks and handling of unexpected binary formats.
CVSS Analysis
Currently, the CVSS score for CVE-2025-63745 is not available (N/A). However, based on the description of a denial-of-service vulnerability, a moderate to high severity score can be expected. A CVSS score will likely be assigned depending on factors such as attack complexity, whether user interaction is required, and the impact on availability.
Given the lack of assigned score, users should assess this risk based on their specific use case.
Possible Impact
The primary impact of CVE-2025-63745 is a denial-of-service (DoS). An attacker could provide radare2 with a malicious binary file, causing the tool to crash. This could disrupt analysis workflows, prevent users from performing reverse engineering tasks, and potentially be used as part of a larger attack to hinder security analysis efforts. While the vulnerability itself doesn’t grant arbitrary code execution, it can be used as a building block to disrupt services that rely on radare2.
Mitigation or Patch Steps
The recommended mitigation is to upgrade to a version of radare2 that contains the fix for this vulnerability. According to the provided references, the fix has been committed to the radare2 repository. Users should update to the latest version or apply the specific patch identified in the commit:
- Upgrade radare2 to a version containing the fix.
- Apply the patch from the following commit: https://github.com/radareorg/radare2/commit/6c5df3f8570d4f0c360681c08241ad8af3b919fd
Until an upgrade is possible, exercise caution when analyzing untrusted binary files with radare2.
References
Marlink Cyber Advisory (MCSAID-2025-001)
Marlink Cyber Advisory (radare2-nullptr-deref-bin_ne.md)
Radare2 Commit: 6c5df3f8570d4f0c360681c08241ad8af3b919fd
Radare2 Issue #24660
