Impact
There is a heap-based out of bounds write in parse_die() when reversing an AMD64 ELF binary with DWARF debug info. When a malicious AMD64 ELF binary is opened by a victim user, Rizin may crash or execute unintended actions.
Patches
aa69177
Workarounds
We are not aware of any.
References
#2083
For more information
If you have any questions or comments about this advisory email us at security@rizin.re.
OctavioGalland Analyst
ogianatiempo Analyst
Impact
There is a heap-based out of bounds write in parse_die() when reversing an AMD64 ELF binary with DWARF debug info. When a malicious AMD64 ELF binary is opened by a victim user, Rizin may crash or execute unintended actions.
Patches
aa69177
Workarounds
We are not aware of any.
References
#2083
For more information
If you have any questions or comments about this advisory email us at security@rizin.re.