Description
Rizin is a UNIX-like reverse engineering framework and command-line toolset. There is a double free in librz/core/cmd/cmd_search.c:byte_pattern_search() due wrong pointer ownership declared. This vulnerability is fixed by commit 045fff363b42b8a6dda8ad5229c29ec3267e7dbe.
Published: 2026-05-29
Score: 3.3 Low
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A double free was discovered in Rizin's byte_pattern_search function within cmd_search.c, due to incorrect pointer ownership handling. This flaw allows memory corruption, potentially causing crashes or unforeseen behavior when the function processes user-supplied data. The vulnerability does not provide an explicit path for remote code execution but can lead to a denial of service by terminating the process.

Affected Systems

The issue affects the Rizin framework provided by rizinorg. No specific version range is listed in the advisory, but the fix is included in commit 045fff363b42b8a6dda8ad5229c29ec3267e7dbe. Systems running versions of Rizin that have not incorporated this commit are vulnerable.

Risk and Exploitability

With a CVSS score of 3.3, the risk is considered low, and the EPSS score is not available. The vulnerability is not included in CISA's KEV catalog. The likely attack vector, inferred from the description, involves local execution of malicious input through Rizin's cmd_search functionality. While there is no known exploitation beyond potential denial of service, organizations should apply the patch promptly to prevent memory corruption issues.

Generated by OpenCVE AI on May 29, 2026 at 20:50 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Rizin to any release that includes commit 045fff363b42b8a6dda8ad5229c29ec3267e7dbe or later.
  • If an upgrade is not immediately possible, rebuild Rizin from the latest source and enable memory sanitizers to catch double free errors at runtime.
  • Restrict or sanitize user input to the byte_pattern_search command until the patch is applied, minimizing the risk of memory corruption.

Generated by OpenCVE AI on May 29, 2026 at 20:50 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Fri, 29 May 2026 20:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Fri, 29 May 2026 19:30:00 +0000

Type Values Removed Values Added
Description Rizin is a UNIX-like reverse engineering framework and command-line toolset. There is a double free in librz/core/cmd/cmd_search.c:byte_pattern_search() due wrong pointer ownership declared. This vulnerability is fixed by commit 045fff363b42b8a6dda8ad5229c29ec3267e7dbe.
Title Rizin: Double free in cmd_search.c
Weaknesses CWE-415
References
Metrics cvssV3_1

{'score': 3.3, 'vector': 'CVSS:3.1/AV:P/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:L'}

Subscriptions

No data.

cve-icon MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-05-29T19:48:16.661Z

Reserved: 2026-05-11T20:50:30.539Z

Link: CVE-2026-45324

cve-icon Vulnrichment

Updated: 2026-05-29T19:48:08.412Z

cve-icon NVD

Status : Deferred

Published: 2026-05-29T20:16:25.977

Modified: 2026-05-29T20:21:38.773

Link: CVE-2026-45324

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-29T21:00:09Z

Weaknesses