Rz Libdemangle
Monthly
Out-of-bounds read in rz-libdemangle's Rust v0 demangler leaks process memory when a caller invokes the demangling routine before the internal rust_v0_t structure is properly initialized. All builds of the library prior to commit 6bf56d3 are affected, putting security analysts and reverse engineers who process untrusted Rust binaries through the Rizin framework at risk of memory disclosure. No confirmed active exploitation (not in CISA KEV) and no public exploit code has been identified at time of analysis; the fix is available as an upstream commit but a versioned release is not independently confirmed.
Out-of-bounds read in rz-libdemangle's Rust v0 demangler leaks process memory when a caller invokes the demangling routine before the internal rust_v0_t structure is properly initialized. All builds of the library prior to commit 6bf56d3 are affected, putting security analysts and reverse engineers who process untrusted Rust binaries through the Rizin framework at risk of memory disclosure. No confirmed active exploitation (not in CISA KEV) and no public exploit code has been identified at time of analysis; the fix is available as an upstream commit but a versioned release is not independently confirmed.