Rizin is a UNIX-like reverse engineering framework and command-line toolset
The Rizin reverse engineering framework has a heap buffer overflow vulnerability in its OMF file format parser. This could potentially allow an attacker to execute arbitrary code, although the vulnerability is considered low-risk due to the requirement for local access to the system. The vulnerability is due to incorrect bounds checking in the parser.
Rizin is a UNIX-like reverse engineering framework and command-line toolset. There is a heap-buffer-overflow in librz/bin/format/omf/omf.c. This vulnerability is fixed by commit e6d0937c8a083e23ed76ccfb9f631cdc50c7af47.
Developers and users of the Rizin framework are affected. The risk is low because exploitation requires local access to the system, but an attacker could potentially execute arbitrary code through the heap buffer overflow vulnerability.
Monitor & Review
Low severity — keep this CVE on your radar and patch during routine maintenance.
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N