AVG-2590 - rizin - Arch Linux
AVG-2590 log
| Package | rizin |
| Status | Vulnerable |
| Severity | Medium |
| Type | multiple issues |
| Affected | 0.3.0-1 |
| Fixed | Unknown |
| Current | 0.3.1-1 [community] |
| Ticket | Create |
| Created | Sat Nov 27 12:58:46 2021 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2021-43814 | Medium | Yes | Arbitrary code execution | In Rizin versions up to and including 0.3.1 there is a heap-based out of bounds write in parse_die() when reversing an AMD64 ELF binary with DWARF debug... |
| CVE-2021-4022 | Low | Yes | Denial of service | A specially crafted binary can make Rizin segfault when it tries to analyze it (doing a full analysis with aaa). |