CVE-2025-60361: n/a
radare2 v5.9.8 and before contains a memory leak in the function bochs_open.
AI Analysis
Technical Summary
CVE-2025-60361 identifies a memory leak vulnerability in radare2, an open-source reverse engineering framework widely used for binary analysis and debugging. The flaw exists in the bochs_open function, which likely handles opening or interfacing with Bochs virtual machine disk images or related components. A memory leak occurs when allocated memory is not properly freed, causing the application’s memory usage to grow unnecessarily over time. While this does not directly compromise confidentiality or integrity, it can lead to degraded system performance or denial of service if the application consumes excessive memory. The vulnerability requires local access with low privileges (AV:L, PR:L), does not require user interaction (UI:N), and affects availability (A:L) only. The CVSS score of 3.3 reflects the limited impact and exploitation complexity. No known exploits have been reported, and no patches have been released at the time of publication. The vulnerability is classified under CWE-401, indicating improper release of memory. Organizations using radare2 in their security research, malware analysis, or software debugging workflows should be aware of this issue and monitor for updates from the radare2 project.
Potential Impact
For European organizations, the primary impact of this vulnerability is potential degradation of availability in systems running vulnerable versions of radare2. Memory leaks can cause increased memory consumption, leading to application crashes or system instability, especially in environments where radare2 is used extensively or in automated pipelines. While the vulnerability does not expose sensitive data or allow unauthorized code execution, it can disrupt security analysis workflows or delay incident response activities. Organizations relying on radare2 for malware analysis, reverse engineering, or forensic investigations may experience reduced operational efficiency. The impact is mitigated by the requirement for local access and the low severity rating. However, in high-security environments or critical infrastructure sectors where radare2 is part of the toolchain, even minor availability issues can have cascading effects.
Mitigation Recommendations
1. Monitor radare2 project communications and repositories for official patches addressing CVE-2025-60361 and apply updates promptly once available.
2. Restrict local access to systems running radare2 to trusted users only, minimizing the risk of exploitation by unauthorized personnel.
3. Implement resource monitoring tools to track memory usage of radare2 processes, enabling early detection of abnormal consumption patterns indicative of the memory leak.
4. Consider running radare2 in isolated or containerized environments to limit the impact of potential memory exhaustion on host systems.
5. For automated analysis pipelines, schedule periodic restarts of radare2 processes to clear accumulated memory usage until a patch is applied.
6. Educate security analysts and developers about this vulnerability to ensure awareness and encourage reporting of any unusual application behavior.
7. Evaluate alternative reverse engineering tools temporarily if the memory leak significantly impacts operational stability.
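One way to implement the memory monitoring and restart recommendations above, as an added example that is not part of the original advisory or the radare2 project: it parses the resident set size from Linux `/proc/<pid>/status` text and classifies a series of samples as steady, leak-like growth, or over a restart ceiling. The function names, thresholds and sample data are assumptions made for illustration.

```python
import re

def parse_vmrss_kib(status_text):
    """Return VmRSS in KiB from the text of /proc/<pid>/status, or None."""
    m = re.search(r"^VmRSS:\s+(\d+)\s+kB$", status_text, re.MULTILINE)
    return int(m.group(1)) if m else None

def growth_kib_per_sample(samples):
    """Least-squares slope of RSS against the sample index."""
    n = len(samples)
    if n < 2:
        return 0.0
    mean_x = (n - 1) / 2
    mean_y = sum(samples) / n
    num = sum((i - mean_x) * (y - mean_y) for i, y in enumerate(samples))
    den = sum((i - mean_x) ** 2 for i in range(n))
    return num / den

def assess(samples, min_samples=6, slope_kib=512,
           rising_ratio=0.8, ceiling_kib=2_000_000):
    """Classify an RSS series as 'ok', 'leak-suspected' or 'restart'.

    All thresholds are assumed defaults; tune them per pipeline.
    """
    if not samples:
        return "ok"
    if samples[-1] >= ceiling_kib:      # hard budget: recycle the process
        return "restart"
    if len(samples) < min_samples:      # too little history to judge a trend
        return "ok"
    # A leak rises on almost every step; a bursty workload goes up and down.
    rising = sum(b > a for a, b in zip(samples, samples[1:]))
    steady = rising / (len(samples) - 1) >= rising_ratio
    if steady and growth_kib_per_sample(samples) >= slope_kib:
        return "leak-suspected"
    return "ok"

# Constructed sample data, not taken from a real radare2 process.
STATUS = "Name:\tradare2\nVmPeak:\t  912340 kB\nVmRSS:\t  184320 kB\nThreads:\t1\n"
LEAKING = [184320, 185400, 186500, 187610, 188700, 189820, 190900]
BURSTY = [184320, 260000, 185000, 184900, 250000, 185100, 184800]

if __name__ == "__main__":
    print(parse_vmrss_kib(STATUS), assess(LEAKING), assess(BURSTY))
```

In a pipeline, a scheduler would append one `parse_vmrss_kib` reading per interval for each radare2 PID and act on the `assess` result.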
Affected Countries
Germany, France, United Kingdom, Netherlands, Sweden
Technical Details
- Data Version: 5.1
- Assigner Short Name: mitre
- Date Reserved: 2025-09-26T00:00:00.000Z
- Cvss Version: null
- State: PUBLISHED
Threat ID: 68f256d89c34d0947f29326d
Added to database: 10/17/2025, 2:46:48 PM
Last enriched: 10/24/2025, 6:17:05 PM
Last updated: 1/19/2026, 1:20:15 AM