Heap-based OOB write when parsing dwarf DIE info in Rizin

Rizin is a UNIX-like reverse engineering framework and command-line toolset. In versions up to and including 0.3.1 there is a heap-based out of bounds write in parse_die() when reversing an AMD64 ELF binary with DWARF debug info. When a malicious AMD64 ELF binary is opened by a victim user, Rizin may crash or execute unintended actions. No workaround are known and users are advised to upgrade.

CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

跨界内存写

Rizin 缓冲区错误漏洞

Rizin是Rizin组织的一个免费的开源逆向工程框架。用于分析二进制文件、反汇编代码、调试程序、作为取证工具、作为能够打开磁盘文件的可编写脚本的命令行十六进制编辑器等等。 Rizin 0.3.1及其之前版本存在缓冲区错误漏洞，该漏洞源于当使用DWARF调试信息反转AMD64 ELF二进制文件时，在parse die()中会出现基于堆的出界写入。当受害用户打开恶意的AMD64 ELF二进制文件时，Rizin可能会崩溃或执行意外操作。

N/A

N/A