radare2 6.1.5 contains a use-after-free vulnerability in the gdbr_pids_list() function within the GDB client core that allows remote attackers to cause a denial of service or potentially execute arbitrary code by sending malformed thread information responses. Attackers can trigger the vulnerability by causing qsThreadInfo to fail after qfThreadInfo successfully allocates RDebugPid structures, resulting in double-free memory corruption when the error path attempts to clean up the list.
References
| Link | Resource |
|---|---|
| https://github.com/radareorg/radare2/commit/c213ad6894a1eb9086ac8bf5fae35757e9e1683c | Patch |
| https://github.com/radareorg/radare2/issues/25836 | Exploit Issue Tracking |
| https://www.vulncheck.com/advisories/radare2-use-after-free-via-gdbr-pids-list | Third Party Advisory |
History
19 May 2026, 14:16
| Type | Values Removed | Values Added |
|---|---|---|
| References | () https://github.com/radareorg/radare2/issues/25836 - Exploit, Issue Tracking |
18 May 2026, 18:38
| Type | Values Removed | Values Added |
|---|---|---|
| First Time | Radare radare2, Radare | |
| CPE | cpe:2.3:a:radare:radare2:*:*:*:*:*:*:*:* | |
| References | () https://github.com/radareorg/radare2/commit/c213ad6894a1eb9086ac8bf5fae35757e9e1683c - Patch | |
| References | () https://github.com/radareorg/radare2/issues/25836 - Exploit, Issue Tracking | |
| References | () https://www.vulncheck.com/advisories/radare2-use-after-free-via-gdbr-pids-list - Third Party Advisory | |
15 May 2026, 21:16
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2026-05-15 21:16
Updated : 2026-05-19 14:16
NVD link : CVE-2026-8696
Mitre link : CVE-2026-8696
CVE.ORG link : CVE-2026-8696
Products Affected
radare
- radare2
CWE
CWE-416
Use After Free
