CVE-2025-60359: n/a
radare2 v5.9.8 and before contains a memory leak in the function r_bin_object_new.
AI Analysis
Technical Summary
CVE-2025-60359 identifies a memory leak in the open-source reverse engineering framework radare2, in the function r_bin_object_new, affecting versions 5.9.8 and earlier. A memory leak is allocated memory that is never released: each time the leaking code path is exercised, the process's footprint grows and is not reclaimed until the process exits. The consequence is performance degradation and, if the process runs long enough or handles enough inputs, denial of service (DoS) through memory exhaustion. Nothing in the advisory indicates that the bug allows code execution or privilege escalation, and the only interaction required is getting radare2 to process an input that reaches r_bin_object_new, which belongs to radare2's binary loader (RBin). No CVSS score has been assigned, and no patch or public exploit is referenced. radare2 is widely used by security researchers, malware analysts, and reverse engineers, so the inputs it processes are frequently untrusted: a crafted or malformed binary submitted for analysis is a plausible trigger. Confidentiality and integrity are not affected; the availability impact matters mainly for long-running or automated tooling that loads many files in one process, where leaked memory accumulates across inputs. The CVE was reserved on 2025-09-26 and published in mid-October 2025, indicating recent discovery and disclosure.
Potential Impact
For European organizations, the impact of CVE-2025-60359 is confined to availability: the stability of hosts running radare2 for reverse engineering or malware analysis. Leaked memory accumulates for the lifetime of the radare2 process, so interactive sessions that load many files, and especially automated pipelines that reuse one process across inputs, are where degraded performance, swapping, or crashes from memory exhaustion would show up. That can delay incident response, forensic investigation, or vulnerability research. SOCs, CERT teams, and research labs that depend on radare2 may see reduced throughput or have to provision extra memory until a fix is available. Because radare2 is a specialist tool used almost exclusively by security professionals, the broader enterprise impact is limited; critical infrastructure operators or defense-related entities that use it for binary analysis are the exception, since an outage there directly affects an operational capability. No exploit is known, which keeps immediate risk low, but the fix should be applied proactively to keep the tool reliable.
Mitigation Recommendations
1. Monitor the radare2 repository and security advisories for a fix for CVE-2025-60359 and update as soon as one is released.
2. Until then, treat every file that radare2 opens as untrusted input: a malformed or crafted binary is the most likely trigger, so avoid feeding unvetted samples to long-lived radare2 processes.
3. Monitor memory consumption of radare2 processes and restart them when usage climbs abnormally, before the host becomes unstable.
4. Run analysis in isolated environments (containers or virtual machines) with memory limits, so that exhaustion affects only the sandbox and not the host.
5. In automated pipelines, enforce per-process memory thresholds (cgroup limits or rlimits) and restart the analysis process automatically, ideally one process per input so leaked memory never accumulates across samples.
6. Engage with the radare2 maintainers or community for interim fixes or workarounds.
7. Document the symptoms of a memory leak (steadily growing RSS, swapping, OOM kills) and the response procedure, and train analysts on them.
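The isolation and automated-restart recommendations above, as an added worked example that is not part of this advisory or of the radare2 project. It runs each untrusted file in its own child process under a hard address-space cap (RLIMIT_AS) and a wall-clock timeout, so a leak in r_bin_object_new costs at most one file's worth of memory and dies with that child. It assumes Linux (where RLIMIT_AS is enforced), a radare2 binary named r2 on PATH, and its own hypothetical helper names run_bounded, r2_info_command and analyze_untrusted; the r2 flags it passes (-N, -q, -e, -c) are real radare2 options.

```python
"""Per-file, resource-bounded radare2 runner (example code, not radare2's own).

One child process per untrusted input, capped with RLIMIT_AS and a timeout.
Leaked memory then never accumulates across samples: the worst case is one
child failing, and the batch continues. Linux only (RLIMIT_AS enforcement).
Helper names here are this example's own; r2 flags are real radare2 options.
"""
import resource
import subprocess
import sys
import time


def _limit_child(mem_bytes):
    # Runs in the child between fork() and exec().
    # Cap the address space so a runaway allocation fails with ENOMEM instead
    # of consuming the host; disable core dumps so a dying child cannot fill
    # the disk with a multi-GB core file (another way to take the host down).
    resource.setrlimit(resource.RLIMIT_AS, (mem_bytes, mem_bytes))
    resource.setrlimit(resource.RLIMIT_CORE, (0, 0))


def _result(status, rc, start, out, err):
    return {
        "status": status,
        "returncode": rc,
        "elapsed_s": round(time.monotonic() - start, 3),
        "stdout": (out or b"")[:4096].decode("utf-8", "replace"),
        "stderr": (err or b"")[:4096].decode("utf-8", "replace"),
    }


def run_bounded(cmd, mem_mb=1024, timeout_s=120):
    """Run cmd under a memory cap and a timeout.

    status is one of "ok", "failed" (non-zero exit, e.g. allocation failure
    under RLIMIT_AS), "killed" (died by signal, e.g. OOM killer) or "timeout".
    """
    start = time.monotonic()
    try:
        proc = subprocess.run(
            cmd,
            stdin=subprocess.DEVNULL,
            capture_output=True,
            timeout=timeout_s,
            preexec_fn=lambda: _limit_child(mem_mb * 1024 * 1024),
        )
    except subprocess.TimeoutExpired as exc:
        # subprocess.run kills and reaps the child before raising.
        return _result("timeout", None, start, exc.stdout, exc.stderr)
    rc = proc.returncode
    if rc == 0:
        status = "ok"
    elif rc < 0:
        status = "killed"
    else:
        status = "failed"
    return _result(status, rc, start, proc.stdout, proc.stderr)


def r2_info_command(path, r2_bin="r2"):
    """Command line that loads `path` through RBin and prints header info.

    -N skips user r2rc files, -q exits after the -c command runs,
    scr.color=0 keeps the output machine-readable.
    """
    return [r2_bin, "-N", "-q", "-e", "scr.color=0", "-c", "i", path]


def analyze_untrusted(paths, mem_mb=1024, timeout_s=120, r2_bin="r2"):
    """Analyze each file in its own bounded child; a failure never stops the batch."""
    results = {}
    for path in paths:
        results[path] = run_bounded(r2_info_command(path, r2_bin),
                                    mem_mb=mem_mb, timeout_s=timeout_s)
    return results


def current_python():
    # Interpreter path, used to self-test the runner without radare2 installed.
    return sys.executable


if __name__ == "__main__":
    for path, res in analyze_untrusted(sys.argv[1:]).items():
        print(f"{res['status']:8} rc={res['returncode']} "
              f"{res['elapsed_s']}s {path}")
```

Two practical notes. RLIMIT_AS counts virtual address space, not resident memory, and radare2 maps the input file, so calibrate mem_mb on a known-good corpus before trusting "failed" results on unknown samples; a cap that is too tight produces spurious failures that look like crafted inputs. And per-input processes are preferable to a threshold-and-restart loop around one long-lived process: with the latter, a leak that grows slowly can still reach the threshold in the middle of analysing a legitimate sample, whereas per-input isolation bounds the damage to exactly one file.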
Affected Countries
Germany, France, United Kingdom, Netherlands, Sweden
Technical Details
- Data Version: 5.1
- Assigner Short Name: mitre
- Date Reserved: 2025-09-26T00:00:00.000Z
- CVSS Version: null (no score assigned)
- State: PUBLISHED
Threat ID: 68f24fd29c34d0947f2503e7
Added to database: 10/17/2025, 2:16:50 PM
Last enriched: 10/17/2025, 2:31:58 PM
Last updated: 10/19/2025, 1:32:15 PM