PT-2025-9177 · Rizin · Rizin

Ekkosun

Published

2025-03-01

Updated

2025-03-03

CVE-2025-1788

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions rizinorg rizin versions up to 0.8.0

Description A critical vulnerability was found in rizinorg rizin, affecting the rz utf8 encode function in the library /librz/util/utf8.c. The manipulation leads to a heap-based buffer overflow. An attack must be approached locally. The exploit has been disclosed to the public and may be used.

Recommendations To fix this issue, apply a patch to the affected version of rizinorg rizin. As a temporary workaround, consider disabling the rz utf8 encode function until a patch is available.

Exploit

Fix

Heap Based Buffer Overflow

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-122CWE-119

Related Identifiers

CVE-2025-1788

Affected Products

Rizin

PT-2025-9177 · Rizin · Rizin

CVE-2025-1788

Weakness Enumeration

Related Identifiers

Affected Products

References · 13