M4Drat

**Name of the Vulnerable Software and Affected Versions** Rizin versions 0.4.0 and prior **Description** The issue affects a UNIX-like reverse engineering framework and command-line toolset, allowing an attacker to execute code on a user's machine when a malicious DEX file is opened. This is due to an out-of-bounds write when parsing DEX files. **Recommendations** For versions 0.4.0 and prior, update to a patched version available on the `dev` branch of the repository to resolve the issue. As a temporary workaround, consider avoiding the use of the DEX file parsing functionality until the patch is applied.

**Name of the Vulnerable Software and Affected Versions** Rizin versions 0.4.0 and prior **Description** Rizin is a UNIX-like reverse engineering framework and command-line toolset. The issue arises from an out-of-bounds write when getting data from PYC (python) files. A user opening a malicious PYC file could be affected, allowing an attacker to execute code on the user's machine. **Recommendations** For versions 0.4.0 and prior, update to a version that includes the patch from commit number 68948017423a12786704e54227b8b2f918c2fd27 to resolve the issue. As a temporary workaround, consider avoiding the use of Rizin to open PYC files from untrusted sources until the update is applied.

**Name of the Vulnerable Software and Affected Versions** Rizin versions 0.4.0 and prior **Description** The issue is related to an out-of-bounds write when parsing Mach-O files. A user opening a malicious Mach-O file could be affected, allowing an attacker to execute code on the user's machine. **Recommendations** For versions 0.4.0 and prior, update to a version that includes the patch from commit number 7323e64d68ecccfb0ed3ee480f704384c38676b2 to resolve the issue. As a temporary workaround, consider avoiding the use of Rizin to open Mach-O files from untrusted sources until the patch is applied.

**Name of the Vulnerable Software and Affected Versions** Rizin versions 0.4.0 and prior **Description** The issue is related to a double free in bobj.c:rz bin reloc storage free() when freeing relocations generated from qnx binary plugin. A user opening a malicious qnx binary could be affected, allowing an attacker to execute code on the user's machine. **Recommendations** For versions 0.4.0 and prior, apply the patch contained in commit number a3d50c1ea185f3f642f2d8180715f82d98840784 to resolve the issue. As a temporary workaround, consider avoiding the use of the qnx binary plugin until the patch is applied.

**Name of the Vulnerable Software and Affected Versions** Rizin versions 0.4.0 and prior **Description** Rizin is a UNIX-like reverse engineering framework and command-line toolset. The issue arises from an out-of-bounds write when getting data from Luac files. A user opening a malicious Luac file could be affected, allowing an attacker to execute code on the user's machine. **Recommendations** For Rizin versions 0.4.0 and prior, update to a version that includes the fixes from commits 07b43bc8aa1ffebd9b68d60624c9610cf7e460c7 and 05bbd147caccc60162d6fba9baaaf24befa281cd to resolve the issue. As a temporary workaround, consider avoiding the use of Rizin to open Luac files from untrusted sources until the update is applied.

**Name of the Vulnerable Software and Affected Versions** Rizin versions 0.4.0 and prior **Description** The issue is related to an out-of-bounds write when getting data from dyld cache files. A user opening a malicious dyld cache file could be affected, allowing an attacker to execute code on the user's machine. **Recommendations** For versions 0.4.0 and prior, update to a version that includes the patch from commit number 556ca2f9eef01ec0f4a76d1fbacfcf3a87a44810 to resolve the issue. As a temporary workaround, consider avoiding the use of Rizin to open dyld cache files from untrusted sources until the patch is applied.