PT-2021-24036 · Unknown · Unicorn Engine

Jwang · Published 2021-12-26 · Updated 2022-01-07 · CVE-2021-44078

CVSS v3.1: 8.1 (High)
Vector: AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Unicorn Engine versions prior to 2.0.0-rc5
Description: The flaw is in the virtual memory manager, specifically in the `split_region` function in `uc.c`. A faulty comparison of GVA and GPA, made while `uc_mem_map_ptr` is called to free part of a claimed memory block, allows local attackers to escape the sandbox. This can lead to the execution of arbitrary code on the host machine. An attacker must first obtain the ability to execute crafted code in the target sandbox.
Recommendations: Update versions prior to 2.0.0-rc5 to version 2.0.0-rc5 or later to resolve the issue. As a temporary workaround, consider restricting access to the `uc_mem_map_ptr` function to minimize the risk of exploitation.

Related Identifiers

CVE-2021-44078
PYSEC-2021-868

Affected Products

Unicorn Engine