CVE-2025-63745 – A NULL pointer dereference vulnerability in rad... (How to Fix)

Q: What is the severity of CVE-2025-63745?

CVE-2025-63745 has a CVSS score of 5.5 (MEDIUM). A NULL pointer dereference vulnerability in radare2 versions 6.0.5 and earlier allows attackers to cause a denial of service via a segmentation fault. This affects users who process untrusted binary files with radare2, particularly security researchers and reverse engineers analyzing potentially malicious binaries.

📋 TL;DR

A NULL pointer dereference vulnerability in radare2 versions 6.0.5 and earlier allows attackers to cause a denial of service via a segmentation fault. This affects users who process untrusted binary files with radare2, particularly security researchers and reverse engineers analyzing potentially malicious binaries.

💻 Affected Systems

Products:

radare2

Versions: 6.0.5 and earlier

Operating Systems: All platforms running radare2 (Linux, Windows, macOS, etc.)

Default Config Vulnerable: ⚠️ Yes

Notes: Vulnerability triggers when processing malformed binary files through the affected bin_ne.c component.

📦 What is this software?

Radare2 by Radare

View all CVEs affecting Radare2 →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete denial of service causing radare2 to crash, potentially disrupting analysis workflows or automated security tools that rely on radare2 for binary analysis.

🟠

Likely Case

Radare2 crashes when processing specially crafted malicious binaries, requiring manual restart and potentially losing analysis progress.

🟢

If Mitigated

Minimal impact if radare2 is only used on trusted binaries or if the patch is applied.

🌐 Internet-Facing: LOW - radare2 is typically not exposed to internet-facing services; it's a local analysis tool.

🏢 Internal Only: MEDIUM - Internal security teams using radare2 to analyze potentially malicious binaries could experience workflow disruption.

🎯 Exploit Status

Public PoC: ⚠️ Yes

Weaponized: LIKELY

Unauthenticated Exploit: ⚠️ Yes

Complexity: LOW

Exploitation requires feeding a crafted binary file to radare2; the advisory includes technical details that could be used to create exploits.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Fixed in commit 6c5df3f8570d4f0c360681c08241ad8af3b919fd and later versions

Vendor Advisory: https://github.com/radareorg/radare2/commit/6c5df3f8570d4f0c360681c08241ad8af3b919fd

Restart Required: No

Instructions:

1. Update radare2 to the latest version from the official repository. 2. For source installations: git pull from radare2 repo and rebuild. 3. For package managers: Use your distribution's package manager to update radare2.

🔧 Temporary Workarounds

Avoid processing untrusted binaries

all

Only use radare2 on trusted binary files until patched

Use sandboxed environment

linux

Run radare2 in a container or VM when analyzing potentially malicious binaries

docker run --rm -v $(pwd):/workdir radare2/radare2 r2 /workdir/binary

🧯 If You Can't Patch

Implement strict input validation - only allow radare2 to process binaries from trusted sources
Monitor radare2 processes for crashes and implement automatic restart mechanisms

🔍 How to Verify

Check if Vulnerable:

Check radare2 version with 'r2 -v' and compare against affected versions (6.0.5 and earlier)

Check Version:

r2 -v | grep version

Verify Fix Applied:

Verify version is newer than 6.0.5 or check if commit 6c5df3f8570d4f0c360681c08241ad8af3b919fd is included

📡 Detection & Monitoring

Log Indicators:

Segmentation fault errors in system logs from radare2 processes
Unexpected radare2 process termination

SIEM Query:

process_name:"radare2" AND (event_type:"crash" OR error_message:"segmentation fault")

📊 Metadata

CVE ID: CVE-2025-63745

CVSS v3 Score: 5.5 (MEDIUM)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

CWE: CWE-476

EPSS Score: 0.02% exploit probability (2.6th percentile)

Published: November 14, 2025

Last Updated: November 19, 2025

🔗 References

https://github.com/marlinkcyber/advisories/blob/main/advisories/MCSAID-2025-001-radare2-nullptr-deref-bin_ne.md Patch,Third Party Advisory
https://github.com/marlinkcyber/advisories/blob/main/advisories/radare2-nullptr-deref-bin_ne.md Patch,Third Party Advisory
https://github.com/radareorg/radare2/commit/6c5df3f8570d4f0c360681c08241ad8af3b919fd Patch
https://github.com/radareorg/radare2/issues/24660 Issue Tracking

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-63745, you might also want to check these: