CVE-2024-31670

Name of the Vulnerable Software and Affected Versions rizin versions prior to 0.6.3

Description The issue is related to a buffer overflow that can occur via the create cache bins, read cache accel, and rz dyldcache new buf functions in librz/bin/format/mach0/dyldcache.c. This can potentially lead to exploitation. No information is provided about the estimated number of affected devices or real-world incidents.

Recommendations For versions prior to 0.6.3, update to version 0.6.3 or later to resolve the issue. As a temporary workaround, consider disabling the create cache bins, read cache accel, and rz dyldcache new buf functions until a patch is available. Restrict access to the librz/bin/format/mach0/dyldcache.c module to minimize the risk of exploitation.