CVE-2024-29646

9.8 CRITICAL

📋 TL;DR

A buffer overflow vulnerability in radare2 v5.8.8 allows attackers to execute arbitrary code by manipulating the name, type, or group fields. It affects users of the radare2 reverse engineering framework. Successful exploitation could lead to complete system compromise.

💻 Affected Systems

Products:
  • radare2
Versions: v5.8.8 (specifically mentioned, potentially earlier versions)
Operating Systems: Linux, Windows, macOS, BSD
Default Config Vulnerable: ⚠️ Yes
Notes: Affects all installations using vulnerable version. radare2 is typically used locally by analysts.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Remote code execution leading to full system compromise, data theft, and persistent backdoor installation.

🟠 Likely Case: Local privilege escalation or arbitrary code execution when processing malicious files.

🟢 If Mitigated: Denial of service or application crash if exploit fails.

🌐 Internet-Facing: LOW
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

A proof-of-concept is available in a GitHub gist. Exploitation requires the user to process malicious input.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Fixed in commits via pull requests 22562, 22567, 22572, 22578

Vendor Advisory: https://github.com/radareorg/radare2/security/advisories

Restart Required: No

Instructions:

1. Update radare2 to latest version.
2. If using package manager: 'sudo apt update && sudo apt upgrade radare2' (Debian/Ubuntu) or equivalent.
3. If compiled from source: git pull, rebuild, and reinstall.

🔧 Temporary Workarounds

Input validation wrapper

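Platform: linux

Create a wrapper script that validates the input before passing it to radare2. The script below only confirms that the argument is an existing regular file; it does not inspect the file's contents.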

#!/bin/bash
# Validate input file exists and is regular file
if [ ! -f "$1" ]; then
    echo "Invalid input"
    exit 1
fi
radare2 "$1"

🧯 If You Can't Patch

  • Restrict radare2 usage to trusted users only
  • Run radare2 in sandboxed/containerized environment

🔍 How to Verify

Check if Vulnerable:

Check the radare2 version with 'r2 -v' and verify whether it is v5.8.8 or earlier.

Check Version:

r2 -v | grep version

Verify Fix Applied:

Verify that the version is newer than v5.8.8 and check the git log for the fix commits.
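
The version check above as a script (an added example, not part of the original advisory or the radare2 project). It assumes the release number is the first MAJOR.MINOR.PATCH token in the 'r2 -v' output; the function names and sample lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: classify `r2 -v` output against the affected version v5.8.8.
# Assumption: the release appears as the first MAJOR.MINOR.PATCH token.

VULN_MAX="5.8.8"   # last version this page names as affected

# Print the first x.y.z token found in the text passed as $1.
extract_version() {
    printf '%s\n' "$1" | grep -oE '[0-9]+\.[0-9]+\.[0-9]+' | head -n 1
}

# Return 0 if version $1 <= version $2, comparing fields numerically
# (so 5.10.0 sorts after 5.8.8, unlike a plain string comparison).
version_le() {
    old_ifs=$IFS; IFS=.
    set -- $1 $2          # six fields: a.b.c of $1, then a.b.c of $2
    IFS=$old_ifs
    [ "$1" -lt "$4" ] && return 0
    [ "$1" -gt "$4" ] && return 1
    [ "$2" -lt "$5" ] && return 0
    [ "$2" -gt "$5" ] && return 1
    [ "$3" -le "$6" ]
}

# Print "vulnerable", "newer" or "unknown" for `r2 -v`-style text in $1.
classify_r2() {
    ver=$(extract_version "$1")
    if [ -z "$ver" ]; then
        echo "unknown"
    elif version_le "$ver" "$VULN_MAX"; then
        echo "vulnerable"
    else
        echo "newer"
    fi
}

# Constructed sample lines, not captured from a real installation.
SAMPLE_OLD="radare2 5.8.8 0 @ linux-x86-64 git.5.8.8"
SAMPLE_NEW="radare2 5.10.0 0 @ linux-x86-64 git.5.10.0"

echo "sample 5.8.8:  $(classify_r2 "$SAMPLE_OLD")"
echo "sample 5.10.0: $(classify_r2 "$SAMPLE_NEW")"

# Check the local install only when r2 is on PATH.
if command -v r2 >/dev/null 2>&1; then
    echo "local r2: $(classify_r2 "$(r2 -v 2>/dev/null)")"
fi
```

A "newer" result reflects the version number only; for source builds, checking the git log for the fix commits still applies.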

📡 Detection & Monitoring

Log Indicators:

  • Application crashes with segmentation faults
  • Unusual child process spawning from radare2

Network Indicators:

  • None - typically local exploitation

SIEM Query:

Process:radare2 AND (EventID:1000 OR ExceptionCode:c0000005)
