AVG-2590 log

Package rizin
Status Vulnerable
Severity Medium
Type multiple issues
Affected 0.3.0-1
Fixed Unknown
Current 0.3.1-1 [community]
Ticket Create
Created Sat Nov 27 12:58:46 2021
Issue Severity Remote Type Description
CVE-2021-43814 Medium Yes Arbitrary code execution
In Rizin versions up to and including 0.3.1 there is a heap-based out of bounds write in parse_die() when reversing an AMD64 ELF binary with DWARF debug...
CVE-2021-4022 Low Yes Denial of service
A specially crafted binary can make Rizin segfault when it tries to analyze it (doing a full analysis with aaa).