CNNVD-202602-058 Information
CNNVD ID
CNNVD-202602-058
Related CVE
-
CNNVD Published: 2026-02-02
Description
Rizin is a free, open-source reverse engineering framework from the Rizin organization. It is used for analyzing binary files, disassembling code, debugging programs, as a forensic tool, as a scriptable command-line hexadecimal editor able to open disk files, and more. Rizin versions before 0.8.2 contain a security vulnerability caused by a heap overflow when parsing malicious mach0 files.
Hazard Level
High
Vulnerability Type
Other
Affected Vendor
Rizin
Published
2026-02-02
Last Modified
2026-02-24
References
https://github.com/rizinorg/rizin/blob/6dd0dba9ff4dc706f549d0cdcd93856b49e59aa0/librz/bin/format/mach0/mach0_chained_fixups.c#L200
https://github.com/rizinorg/rizin/commit/41ea75d5b07d9b41b27ae80675cdda65f1b1c989
https://github.com/rizinorg/rizin/issues/5768
https://github.com/rizinorg/rizin/pull/5770
https://github.com/rizinorg/rizin/releases/tag/v0.8.2
https://github.com/rizinorg/rizin/security/advisories/GHSA-f3v7-xhmj-9cjj