CVE-2021-43814 (https://github.com/rizinorg/rizin/issues/2083):

Rizin is a UNIX-like reverse engineering framework and command-line toolset. In versions up to and including 0.3.1 there is a heap-based out-of-bounds write in parse_die() when reversing an AMD64 ELF binary with DWARF debug info. When a malicious AMD64 ELF binary is opened by a victim user, Rizin may crash or execute unintended actions. No workarounds are known and users are advised to upgrade.

I will look into applying the patch.
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=166222145e93b3e5bf1e1978fff2d00553585e1a

commit 166222145e93b3e5bf1e1978fff2d00553585e1a
Author: John Helmert III <ajak@gentoo.org>
AuthorDate: 2021-12-14 01:07:07 +0000
Commit: John Helmert III <ajak@gentoo.org>
CommitDate: 2021-12-14 01:08:26 +0000

    dev-util/rizin: add patch for CVE-2021-43814

    Bug: https://bugs.gentoo.org/829129
    Signed-off-by: John Helmert III <ajak@gentoo.org>

 .../rizin/files/rizin-0.3.1-CVE-2021-43814.patch | 90 ++++++++++++++++++
 dev-util/rizin/rizin-0.3.1-r2.ebuild | 103 +++++++++++++++++++++
 2 files changed, 193 insertions(+)
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=3e8928e8264ae4783d97f77700a0f747b31d4bab

commit 3e8928e8264ae4783d97f77700a0f747b31d4bab
Author: John Helmert III <ajak@gentoo.org>
AuthorDate: 2021-12-31 11:52:41 +0000
Commit: John Helmert III <ajak@gentoo.org>
CommitDate: 2021-12-31 22:13:12 +0000

    dev-util/rizin: drop 0.3.0, 0.3.1-r1

    Bug: https://bugs.gentoo.org/829129
    Signed-off-by: John Helmert III <ajak@gentoo.org>

 dev-util/rizin/Manifest | 1 -
 dev-util/rizin/files/rizin-0.3.0-md4-openssl.patch | 100 --------------------
 dev-util/rizin/rizin-0.3.0.ebuild | 103 ---------------------
 dev-util/rizin/rizin-0.3.1-r1.ebuild | 102 --------------------
 4 files changed, 306 deletions(-)