Vulnerability Description
radare2 6.1.5 contains a use-after-free vulnerability in the gdbr_threads_list() function that allows remote attackers to trigger memory corruption by sending a valid qfThreadInfo response followed by a malformed qsThreadInfo response. Attackers can exploit this vulnerability through GDB remote debugging to cause a denial of service or potentially achieve code execution by manipulating thread list processing.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Radare | Radare2 | <= 6.1.4 |
Related Weaknesses (CWE)
References
- https://github.com/radareorg/radare2/commit/c213ad6894a1eb9086ac8bf5fae35757e9e1 (Patch)
- https://github.com/radareorg/radare2/issues/25835 (Exploit, Issue Tracking)
- https://github.com/radareorg/radare2/issues/25836 (Exploit, Issue Tracking)
- https://www.vulncheck.com/advisories/radare2-use-after-free-via-gdbr-threads-lis (Third Party Advisory)
FAQ
What is CVE-2026-8695?
CVE-2026-8695 is a vulnerability with a CVSS score of 7.5 (HIGH). radare2 6.1.5 contains a use-after-free vulnerability in the gdbr_threads_list() function that allows remote attackers to trigger memory corruption by sending a valid qfThreadInfo response followed by...
How severe is CVE-2026-8695?
CVE-2026-8695 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2026-8695?
Check the references section above for vendor advisories and patch information. Affected products include: Radare Radare2.