CVE-2021-43814 - log

CVE-2021-43814 edited at 04 Apr 2022 21:39:46
Remote
- Remote
+ Local
CVE-2021-43814 edited at 04 Apr 2022 21:38:22
References
https://github.com/rizinorg/rizin/security/advisories/GHSA-hqqp-vjcm-mw8r
https://github.com/rizinorg/rizin/issues/2083
https://github.com/rizinorg/rizin/pull/2086
https://github.com/rizinorg/rizin/commit/aa6917772d2f32e5a7daab25a46c72df0b5ea406
+ https://github.com/rizinorg/rizin/commit/1a63dad027df62c5d65cad480d9ddc6134a5509b
CVE-2021-43814 edited at 13 Dec 2021 21:14:32
Severity
- Unknown
+ Medium
Remote
- Unknown
+ Remote
Type
- Unknown
+ Arbitrary code execution
Description
+ In Rizin versions up to and including 0.3.1 there is a heap-based out of bounds write in parse_die() when reversing an AMD64 ELF binary with DWARF debug info. When a malicious AMD64 ELF binary is opened by a victim user, Rizin may crash or execute unintended actions.
References
+ https://github.com/rizinorg/rizin/security/advisories/GHSA-hqqp-vjcm-mw8r
+ https://github.com/rizinorg/rizin/issues/2083
+ https://github.com/rizinorg/rizin/pull/2086
+ https://github.com/rizinorg/rizin/commit/aa6917772d2f32e5a7daab25a46c72df0b5ea406
CVE-2021-43814 created at 13 Dec 2021 21:12:57
Severity
+ Unknown
Remote
+ Unknown
Type
+ Unknown
Description
References
Notes