Rizin
Monthly
Double free memory corruption in Rizin's byte_pattern_search() function (librz/core/cmd/cmd_search.c) arises from incorrect pointer ownership declarations, allowing a low-privileged local attacker with physical access to cause low-integrity and low-availability impacts under high-complexity conditions requiring user interaction. The CVSS score of 3.3 (Low) reflects the extremely constrained attack surface: physical presence, high complexity, and mandatory user interaction all limit practical exploitability. No public exploit code has been identified at time of analysis, and this vulnerability is not listed in the CISA KEV catalog.
Heap out-of-bounds read in Rizin's OMF binary parser exposes heap memory contents when a user opens a maliciously crafted Object Module Format file. An off-by-one bounds check error in the `rz_bin_omf_get_entry` function within `librz/bin/format/omf/omf.c` allows array access one element past the end of the allocated sections array, resulting in limited confidentiality impact (heap data disclosure). No public exploit exists and this is not listed in CISA KEV; the CVSS score of 3.3 accurately reflects constrained real-world risk due to local-only access and mandatory user interaction.
Rizin versions up to 0.8.2 is affected by allocation of resources without limits or throttling (CVSS 4.4).
A vulnerability, which was classified as critical, was found in rizinorg rizin up to 0.8.0. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability was found in rizinorg rizin up to 0.7.4. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
Double free memory corruption in Rizin's byte_pattern_search() function (librz/core/cmd/cmd_search.c) arises from incorrect pointer ownership declarations, allowing a low-privileged local attacker with physical access to cause low-integrity and low-availability impacts under high-complexity conditions requiring user interaction. The CVSS score of 3.3 (Low) reflects the extremely constrained attack surface: physical presence, high complexity, and mandatory user interaction all limit practical exploitability. No public exploit code has been identified at time of analysis, and this vulnerability is not listed in the CISA KEV catalog.
Heap out-of-bounds read in Rizin's OMF binary parser exposes heap memory contents when a user opens a maliciously crafted Object Module Format file. An off-by-one bounds check error in the `rz_bin_omf_get_entry` function within `librz/bin/format/omf/omf.c` allows array access one element past the end of the allocated sections array, resulting in limited confidentiality impact (heap data disclosure). No public exploit exists and this is not listed in CISA KEV; the CVSS score of 3.3 accurately reflects constrained real-world risk due to local-only access and mandatory user interaction.
Rizin versions up to 0.8.2 is affected by allocation of resources without limits or throttling (CVSS 4.4).
A vulnerability, which was classified as critical, was found in rizinorg rizin up to 0.8.0. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability was found in rizinorg rizin up to 0.7.4. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.