PatchSiren

radare2 CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

HIGH | radare2 CVE | published 2026-05-15

CVE-2026-8696

A use-after-free vulnerability exists in radare2 6.1.5 and earlier versions within the GDB client core, specifically in the `gdbr_pids_list()` function. The flaw occurs when malformed thread information responses from a remote GDB server trigger a memory corruption condition. During the thread discovery protocol exchange, `qfThreadInfo` successfully allocates `RDebugPid` structures, but if the subsequent [truncated]

HIGH | radare2 CVE | published 2026-05-15

CVE-2026-8695

A use-after-free vulnerability exists in radare2 6.1.5 and earlier versions within the `gdbr_threads_list()` function, which handles GDB remote debugging protocol responses. The flaw occurs when processing thread information packets: a valid `qfThreadInfo` response followed by a malformed `qsThreadInfo` response can trigger memory corruption. This vulnerability is remotely exploitable through the GDB remo [truncated]