Rizin Vulnerability: Crash Caused by Uninitialized Memory Address in ELF64 Binary Analysis

Rizin Vulnerability: Crash Caused by Uninitialized Memory Address in ELF64 Binary Analysis

CVE-2021-4022 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

A vulnerability was found in rizin. The bug involves an ELF64 binary for the HPPA architecture. When a specially crafted binarygets analysed by rizin, it causes rizin to crash by freeing an uninitialized (and potentially user controlled, depending on the build) memory address.

Learn more about our User Device Pen Test.