QwikSec

Security Database

CVE

CWE

Training

CVE-2021-3674

Published: Mar 24, 2023

Modified: Feb 25, 2025

PUBLISHED

Description

A flaw was found in rizin. The create_section_from_phdr function allocates space for ELF section data by processing the headers. Crafted values in the headers can cause out of bounds reads, which can lead to memory corruption and possibly code execution through the binary object's callback function.

Vendor	Product	Versions
n/a	rizin	affected `affected rizin after version v0.2.1 until commit 1e0c34946dddf9b8e5e63933aefacf2b26d08103`

Weaknesses (CWE)

References

https://github.com/rizinorg/rizin/pull/1313

https://gist.github.com/netspooky/61101e191afee95feda7dbd2f6b061c4

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.