← Retour aux CVEs
CVE-2023-27590
HIGH7.8
Description
Rizin is a UNIX-like reverse engineering framework and command-line toolset. In version 0.5.1 and prior, converting a GDB registers profile file into a Rizin register profile can result in a stack-based buffer overflow when the `name`, `type`, or `groups` fields have longer values than expected. Users opening untrusted GDB registers files (e.g. with the `drpg` or `arpg` commands) are affected by this flaw. Commit d6196703d89c84467b600ba2692534579dc25ed4 contains a patch for this issue. As a workaround, review the GDB register profiles before loading them with `drpg`/`arpg` commands.
Details CVE
Score CVSS v3.17.8
SeveriteHIGH
Vecteur CVSSCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Vecteur d'attaqueLOCAL
ComplexiteLOW
Privileges requisNONE
Interaction utilisateurREQUIRED
Publie3/14/2023
Derniere modification11/21/2024
Sourcenvd
Observations honeypot0
Produits affectes
rizin:rizin
Faiblesses (CWE)
CWE-120CWE-121CWE-787
References
https://github.com/rizinorg/rizin/blob/3a7d5116244beb678ad9950bb9dd27d28ed2691f/librz/reg/profile.c#L514(security-advisories@github.com)
https://github.com/rizinorg/rizin/blob/3a7d5116244beb678ad9950bb9dd27d28ed2691f/librz/reg/profile.c#L545(security-advisories@github.com)
https://github.com/rizinorg/rizin/commit/d6196703d89c84467b600ba2692534579dc25ed4(security-advisories@github.com)
https://github.com/rizinorg/rizin/pull/3422(security-advisories@github.com)
https://github.com/rizinorg/rizin/security/advisories/GHSA-rqcp-m8m2-jcqf(security-advisories@github.com)
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WW3JXI4TIJIR7PGFP74SN7GQYHW2F46Y/(security-advisories@github.com)
https://github.com/rizinorg/rizin/blob/3a7d5116244beb678ad9950bb9dd27d28ed2691f/librz/reg/profile.c#L514(af854a3a-2127-422b-91ae-364da2661108)
https://github.com/rizinorg/rizin/blob/3a7d5116244beb678ad9950bb9dd27d28ed2691f/librz/reg/profile.c#L545(af854a3a-2127-422b-91ae-364da2661108)
https://github.com/rizinorg/rizin/commit/d6196703d89c84467b600ba2692534579dc25ed4(af854a3a-2127-422b-91ae-364da2661108)
https://github.com/rizinorg/rizin/pull/3422(af854a3a-2127-422b-91ae-364da2661108)
https://github.com/rizinorg/rizin/security/advisories/GHSA-rqcp-m8m2-jcqf(af854a3a-2127-422b-91ae-364da2661108)
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WW3JXI4TIJIR7PGFP74SN7GQYHW2F46Y/(af854a3a-2127-422b-91ae-364da2661108)
Correlations IOC
Aucune correlation enregistree
This product uses data from the NVD API but is not endorsed or certified by the NVD.