A flaw was found in rizin. The create_section_from_phdr function allocates space for ELF section data by processing the headers. Crafted values in the headers can cause out of bounds reads, which can lead to memory corruption and possibly code execution through the binary object's callback function.
References
Link | Resource |
---|---|
https://gist.github.com/netspooky/61101e191afee95feda7dbd2f6b061c4 | Exploit Third Party Advisory |
https://github.com/rizinorg/rizin/pull/1313 | Exploit Patch Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: fedora
Published: 2023-03-24T00:00:00
Updated: 2023-03-24T00:00:00
Reserved: 2021-08-02T00:00:00
Link: CVE-2021-3674
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-03-24T20:15:08.097
Modified: 2023-03-29T12:51:09.367
Link: CVE-2021-3674
JSON object: View
Redhat Information
No data.