Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 573
Alerts This Week
Warning Icon 1 573

openSUSE radare2 Important Security Fixes CVE-2025-1378 CVE-2026-8695

opensuse
Calendar Grey July 8, 2026
Dist Opensuse Esm H88
This update enhances radare2 with crucial fixes addressing several security issues and improves overall performance.
An update that fixes 6 vulnerabilities is now available.

Description

This update for radare2 fixes the following issues:

- switch to python311 for sle15 build

- CVE-2026-8695: Fix use-after-free in gdbr_threads_list() (boo#1265403)

- Update to version 6.1.4 (boo#1262142, CVE-2026-40499):

* Analysis: improve autoname scoring, jmptbl detection, and performance

* Add callargs modifier, rnum expressions, and typed function context

* Refactor autoname into plugin; extend RAnalPlugin hooks

* Fix leaks, overflows, and command injection in analysis scripts

* Improve string detection, wide strings, and switch/case analysis

* Arch: fix v850/nds32 ESIL, optimize to O(1), improve pseudo support

* Cache capstone options and improve multi-arch disassembly

* ASM: add camel syntax support, unify via RArch API

* Bin: major parser fixes (ELF, Mach-O, PE, DEX, PDB, WAD, XCOFF)

* Fix leaks, OOB reads/writes, overflows, and improve bounds checks

* Improve Swift demangling, ARM hints, relocations, and...

Read the Full Advisory

Patch

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods

like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP7:

zypper in -t patch openSUSE-2026-231=1

Package List

- openSUSE Backports SLE-15-SP7 (aarch64 ppc64le s390x x86_64):

libsdb2_4_2-6.1.4-bp157.5.3.5

radare2-6.1.4-bp157.5.3.5

radare2-devel-6.1.4-bp157.5.3.5

- openSUSE Backports SLE-15-SP7 (noarch):

radare2-zsh-completion-6.1.4-bp157.5.3.5

References

https://www.suse.com/security/cve/CVE-2025-1378.html

https://www.suse.com/security/cve/CVE-2025-1744.html

https://www.suse.com/security/cve/CVE-2025-1864.html

https://www.suse.com/security/cve/CVE-2025-5641.html

https://www.suse.com/security/cve/CVE-2026-40499.html

https://www.suse.com/security/cve/CVE-2026-8695.html

https://bugzilla.suse.com/1244121

https://bugzilla.suse.com/1262142

https://bugzilla.suse.com/1265403

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: openSUSE-SU-2026:0231-1
Rating: important
Affected Products: openSUSE Backports SLE-15-SP7

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.