What is CVE-2021-43814?

CVE-2021-43814 is a high-severity vulnerability in Rizinorg Rizin, classified under Out-of-bounds Write. CVSS score: 7.7/10. Published 2021-12-13.

How severe is CVE-2021-43814?

High severity. CVSS v3 base score is 7.7 out of 10.

Buffer overflow in Rizinorg Rizin

CVE-2021-43814

Rizin is a UNIX-like reverse engineering framework and command-line toolset. In versions up to and including 0.3.1 there is a heap-based out of bounds write in parse_die() when reversing an AMD64 ELF binary with DWARF debug info. When a ma…

Vulnerability class: Buffer Overflow

EPSS: 0.002 (48.1th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.7 (High). Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H.

Affected products

Rizinorg Rizin — versions <= 0.3.1

Weakness classification (CWE)

CWE-787 — Out-of-bounds Write

References

github.com/rizinorg/rizin/security/advisories/GHSA-hqqp-vjcm-mw8r (x_refsource_CONFIRM)
github.com/rizinorg/rizin/issues/2083 (x_refsource_MISC)
github.com/rizinorg/rizin/commit/aa6917772d2f32e5a7daab25a46c72df0b5ea406 (x_refsource_MISC)

Frequently asked questions

What is CVE-2021-43814?: CVE-2021-43814 is a high-severity vulnerability in Rizinorg Rizin, classified under Out-of-bounds Write. CVSS score: 7.7/10. Published 2021-12-13.
How severe is CVE-2021-43814?: High severity. CVSS v3 base score is 7.7 out of 10.