Unknown · Unicorn Engine · CVE-2021-44078
Name of the Vulnerable Software and Affected Versions:
Unicorn Engine versions prior to 2.0.0-rc5
Description:
The issue is related to the virtual memory manager, specifically in the `split_region` function in `uc.c`. It allows local attackers to escape the sandbox by exploiting a faulty comparison of a guest virtual address (GVA) and a guest physical address (GPA) while calling `uc_mem_map_ptr` to free part of a claimed memory block. This can lead to the execution of arbitrary code on the host machine. An attacker must first obtain the ability to execute crafted code in the target sandbox.
Recommendations:
For versions prior to 2.0.0-rc5, update to version 2.0.0-rc5 or later to resolve the issue. As a temporary workaround, consider restricting access to the `uc_mem_map_ptr` function to minimize the risk of exploitation.
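A check for the affected range, added here as an example (not part of the advisory or of the Unicorn project): it reads the installed version of the `unicorn` Python binding and compares it against 2.0.0-rc5 using a small, assumed version grammar, so that a final 2.0.0 release correctly sorts after the rc5 pre-release rather than before it as a plain string comparison would.

```python
import re
from typing import Optional, Tuple

# Fixed version from the advisory; the PyPI wheel spells it "2.0.0rc5".
FIXED_VERSION = "2.0.0rc5"

# Assumed, simplified grammar (not full PEP 440): release digits plus an
# optional a/b/rc pre-release, with or without a separator.
_VERSION_RE = re.compile(r"^(\d+(?:\.\d+)*)(?:[-.]?(a|b|rc)(\d+))?$")
_PRE_RANK = {"a": 0, "b": 1, "rc": 2}
_FINAL_RANK = 3  # a final release sorts after every pre-release of it


def parse_version(text: str) -> Tuple[Tuple[int, ...], Tuple[int, int]]:
    """Turn '2.0.0-rc5', '2.0.0rc5' or '1.0.3' into a comparable key."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    release = tuple(int(p) for p in m.group(1).split("."))
    release = release + (0,) * (3 - len(release))  # pad "2.0" -> (2, 0, 0)
    if m.group(2) is None:
        pre = (_FINAL_RANK, 0)
    else:
        pre = (_PRE_RANK[m.group(2)], int(m.group(3)))
    return release, pre


def is_vulnerable(installed: str) -> bool:
    """True when the given Unicorn version is before 2.0.0-rc5."""
    return parse_version(installed) < parse_version(FIXED_VERSION)


def installed_unicorn_version() -> Optional[str]:
    """Version of the 'unicorn' Python package, or None if not installed."""
    from importlib.metadata import PackageNotFoundError, version
    try:
        return version("unicorn")
    except PackageNotFoundError:
        return None


if __name__ == "__main__":
    v = installed_unicorn_version()
    if v is None:
        print("unicorn Python package not installed")
    else:
        state = "VULNERABLE" if is_vulnerable(v) else "patched"
        print(f"unicorn {v}: {state} (CVE-2021-44078)")
```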