CVE-2022-36041 - OpenCVE

Rizin is a UNIX-like reverse engineering framework and command-line toolset. Versions 0.4.0 and prior are vulnerable to an out-of-bounds write when parsing Mach-O files. A user opening a malicious Mach-O file could be affected by this vulnerability, allowing an attacker to execute code on the user's machine. Commit number 7323e64d68ecccfb0ed3ee480f704384c38676b2 contains a patch.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Rizin	Rizin

Configuration 1 [-]

cpe:2.3:a:rizin:rizin:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://github.com/rizinorg/rizin/commit/7323e64d68ecccfb0ed3ee480f704384c38676b2
https://github.com/rizinorg/rizin/issues/2956
https://github.com/rizinorg/rizin/security/advisories/GHSA-2c7m-2f37-mr5m
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WQZLMHEI5D7EJASA5UW6XN4ODHLRHK6N/
https://security.gentoo.org/glsa/202209-06

History

No history.

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2022-09-06T00:00:00

Updated: 2024-08-03T09:52:00.654Z

Reserved: 2022-07-15T00:00:00

Link: CVE-2022-36041

Vulnrichment

No data.

NVD

Status : Modified

Published: 2022-09-06T20:15:08.673

Modified: 2023-11-07T03:49:30.863

Link: CVE-2022-36041

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2022-36041", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "dateUpdated": "2024-08-03T09:52:00.654Z", "dateReserved": "2022-07-15T00:00:00", "datePublished": "2022-09-06T00:00:00"}, "containers": {"cna": {"title": "Rizin Out-of-bounds Write vulnerability in Mach-O binary plugin", "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2023-03-30T00:00:00"}, "descriptions": [{"lang": "en", "value": "Rizin is a UNIX-like reverse engineering framework and command-line toolset. Versions 0.4.0 and prior are vulnerable to an out-of-bounds write when parsing Mach-O files. A user opening a malicious Mach-O file could be affected by this vulnerability, allowing an attacker to execute code on the user's machine. Commit number 7323e64d68ecccfb0ed3ee480f704384c38676b2 contains a patch."}], "affected": [{"vendor": "rizinorg", "product": "rizin", "versions": [{"version": "<= 0.4.0", "status": "affected"}]}], "references": [{"url": "https://github.com/rizinorg/rizin/security/advisories/GHSA-2c7m-2f37-mr5m"}, {"url": "https://github.com/rizinorg/rizin/issues/2956"}, {"url": "https://github.com/rizinorg/rizin/commit/7323e64d68ecccfb0ed3ee480f704384c38676b2"}, {"name": "GLSA-202209-06", "tags": ["vendor-advisory"], "url": "https://security.gentoo.org/glsa/202209-06"}, {"name": "FEDORA-2023-af305bed3d", "tags": ["vendor-advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WQZLMHEI5D7EJASA5UW6XN4ODHLRHK6N/"}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH"}}], "problemTypes": [{"descriptions": [{"type": "CWE", "lang": "en", "description": "CWE-787: Out-of-bounds Write", "cweId": "CWE-787"}]}], "source": {"advisory": "GHSA-2c7m-2f37-mr5m", "discovery": "UNKNOWN"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T09:52:00.654Z"}, "title": "CVE Program Container", "references": [{"url": "https://github.com/rizinorg/rizin/security/advisories/GHSA-2c7m-2f37-mr5m", "tags": ["x_transferred"]}, {"url": "https://github.com/rizinorg/rizin/issues/2956", "tags": ["x_transferred"]}, {"url": "https://github.com/rizinorg/rizin/commit/7323e64d68ecccfb0ed3ee480f704384c38676b2", "tags": ["x_transferred"]}, {"name": "GLSA-202209-06", "tags": ["vendor-advisory", "x_transferred"], "url": "https://security.gentoo.org/glsa/202209-06"}, {"name": "FEDORA-2023-af305bed3d", "tags": ["vendor-advisory", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WQZLMHEI5D7EJASA5UW6XN4ODHLRHK6N/"}]}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:rizin:rizin:*:*:*:*:*:*:*:*", "matchCriteriaId": "5E797DF4-7DCA-46AA-9A36-5C0064FE79CA", "versionEndIncluding": "0.4.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Rizin is a UNIX-like reverse engineering framework and command-line toolset. Versions 0.4.0 and prior are vulnerable to an out-of-bounds write when parsing Mach-O files. A user opening a malicious Mach-O file could be affected by this vulnerability, allowing an attacker to execute code on the user's machine. Commit number 7323e64d68ecccfb0ed3ee480f704384c38676b2 contains a patch."}, {"lang": "es", "value": "Rizin es un marco de trabajo de ingenier\u00eda inversa tipo UNIX y un conjunto de herramientas de l\u00ednea de comandos. Las versiones 0.4.0 y anteriores son vulnerables a una escritura fuera de l\u00edmites cuando analizan archivos Mach-O. Un usuario que abra un archivo Mach-O malicioso podr\u00eda verse afectado por esta vulnerabilidad, permitiendo a un atacante ejecutar c\u00f3digo en la m\u00e1quina del usuario. El commit n\u00famero 7323e64d68ecccfb0ed3ee480f704384c38676b2 contiene un parche."}], "id": "CVE-2022-36041", "lastModified": "2023-11-07T03:49:30.863", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2022-09-06T20:15:08.673", "references": [{"source": "security-advisories@github.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/rizinorg/rizin/commit/7323e64d68ecccfb0ed3ee480f704384c38676b2"}, {"source": "security-advisories@github.com", "tags": ["Third Party Advisory"], "url": "https://github.com/rizinorg/rizin/issues/2956"}, {"source": "security-advisories@github.com", "tags": ["Third Party Advisory"], "url": "https://github.com/rizinorg/rizin/security/advisories/GHSA-2c7m-2f37-mr5m"}, {"source": "security-advisories@github.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WQZLMHEI5D7EJASA5UW6XN4ODHLRHK6N/"}, {"source": "security-advisories@github.com", "tags": ["Third Party Advisory"], "url": "https://security.gentoo.org/glsa/202209-06"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "security-advisories@github.com", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-787"}], "source": "nvd@nist.gov", "type": "Secondary"}]}