← Back to CVE List

CVE-2023-27590

Published: 2023-03-14T21:15Z
Last Modified: 2024-11-21T07:53Z
Source: MITRE CVE List
License: MITRE-CVE-TOS
Rizin is a UNIX-like reverse engineering framework and command-line toolset. In version 0.5.1 and prior, converting a GDB registers profile file into a Rizin register profile can result in a stack-based buffer overflow when the `name`, `type`, or `groups` fields have longer values than expected. Users opening untrusted GDB registers files (e.g. with the `drpg` or `arpg` commands) are affected by this flaw. Commit d6196703d89c84467b600ba2692534579dc25ed4 contains a patch for this issue. As a workaround, review the GDB register profiles before loading them with `drpg`/`arpg` commands. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt