Ghidra · Ghidra · CVE-2026-52759
**Name of the Vulnerable Software and Affected Versions**
Ghidra versions prior to 12.1.1
**Description**
The Mach-O binary parser contains an uncontrolled memory allocation issue that can lead to a denial of service. An attacker can provide a specially crafted Mach-O binary whose `ncmds` field (the load command count) holds an arbitrarily large value. This forces the parser to allocate excessive heap memory without validating the file size, which crashes the Ghidra JVM (Java Virtual Machine).
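The missing bound can be illustrated with a pre-load triage check that compares `ncmds` and `sizeofcmds` against the bytes actually present in the file. This is an added example, not Ghidra's code or its fix; the function names and sample bytes are constructed for illustration, and only thin (non-fat) Mach-O files are handled.

```python
import struct

# Magic as read little-endian -> (byte order of header fields, header size)
MAGICS = {
    0xFEEDFACE: ("<", 28),  # 32-bit, little-endian
    0xFEEDFACF: ("<", 32),  # 64-bit, little-endian
    0xCEFAEDFE: (">", 28),  # 32-bit, big-endian
    0xCFFAEDFE: (">", 32),  # 64-bit, big-endian
}
MIN_LC = 8  # every load command starts with uint32 cmd + uint32 cmdsize


def check_macho_ncmds(data):
    """Return (ok, reason) after bounding ncmds/sizeofcmds by the file size."""
    if len(data) < 4:
        return False, "too short for a Mach-O magic"
    (magic,) = struct.unpack_from("<I", data, 0)
    if magic not in MAGICS:
        return False, "not a thin Mach-O file"
    endian, header_size = MAGICS[magic]
    if len(data) < header_size:
        return False, "truncated header"
    # Fields after magic: cputype, cpusubtype, filetype, ncmds, sizeofcmds, flags
    _, _, _, ncmds, sizeofcmds, _ = struct.unpack_from(endian + "6I", data, 4)
    if sizeofcmds > len(data) - header_size:
        return False, f"sizeofcmds {sizeofcmds} exceeds bytes left in file"
    if ncmds * MIN_LC > sizeofcmds:
        return False, f"ncmds {ncmds} cannot fit in sizeofcmds {sizeofcmds}"
    # ncmds is now bounded by the file size, so walking the commands is safe.
    offset, end = header_size, header_size + sizeofcmds
    for i in range(ncmds):
        if offset + MIN_LC > end:
            return False, f"load command {i} starts past sizeofcmds"
        _, cmdsize = struct.unpack_from(endian + "2I", data, offset)
        if cmdsize < MIN_LC or offset + cmdsize > end:
            return False, f"load command {i} has bad cmdsize {cmdsize}"
        offset += cmdsize
    return True, "ok"


def build_sample(ncmds, sizeofcmds):
    """Constructed 64-bit header followed by one 24-byte LC_UUID command."""
    header = struct.pack("<8I", 0xFEEDFACF, 0x01000007, 3, 2,
                         ncmds, sizeofcmds, 0, 0)
    lc_uuid = struct.pack("<2I", 0x1B, 24) + bytes(16)
    return header + lc_uuid
```

Because the count is rejected before any per-command work, the cost of the check is bounded by the file's real size rather than by the attacker-supplied field.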
**Recommendations**
Update to version 12.1.1 or later.