CVE-2022-36042

Name of the Vulnerable Software and Affected Versions Rizin versions 0.4.0 and prior

Description The issue is related to an out-of-bounds write when getting data from dyld cache files. A user opening a malicious dyld cache file could be affected, allowing an attacker to execute code on the user's machine.

Recommendations For versions 0.4.0 and prior, update to a version that includes the patch from commit number 556ca2f9eef01ec0f4a76d1fbacfcf3a87a44810 to resolve the issue. As a temporary workaround, consider avoiding the use of Rizin to open dyld cache files from untrusted sources until the patch is applied.