2478066 – (CVE-2026-8696) CVE-2026-8696 radare2: radare2: Remote arbitrary code execution or denial of service via use-after-free in GDB client core

Bug 2478066 (CVE-2026-8696) - CVE-2026-8696 radare2: radare2: Remote arbitrary code execution or denial of service via use-after-free in GDB client core

Summary: CVE-2026-8696 radare2: radare2: Remote arbitrary code execution or denial of ...

Keywords:
Status:	NEW
Alias:	CVE-2026-8696
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	urgent
Severity:	urgent
Target Milestone:	---
Assignee:	Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2026-05-15 21:02 UTC by OSIDB Bzimport
Modified:	2026-05-18 11:32 UTC (History)
CC List:	0 users
Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments	(Terms of Use)

Description OSIDB Bzimport 2026-05-15 21:02:12 UTC

radare2 6.1.5 contains a use-after-free vulnerability in the gdbr_pids_list() function within the GDB client core that allows remote attackers to cause a denial of service or potentially execute arbitrary code by sending malformed thread information responses. Attackers can trigger the vulnerability by causing qsThreadInfo to fail after qfThreadInfo successfully allocates RDebugPid structures, resulting in double-free memory corruption when the error path attempts to clean up the list.

Note You need to log in before you can comment on or make changes to this bug.