PT-2026-44974 · Rizin · Rizin
Esquilichi
·
Published
2026-05-29
·
Updated
2026-05-30
·
CVE-2026-45324
CVSS v3.1
3.3
Low
| Vector | AV:P/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:L |
Name of the Vulnerable Software and Affected Versions
Rizin (affected versions not specified)
Description
Rizin is a UNIX-like reverse engineering framework and command-line toolset. A double free occurs in the
byte pattern search() function within the librz/core/cmd/cmd search.c file due to incorrectly declared pointer ownership. A double free is a memory corruption issue where the same memory address is freed twice, potentially leading to crashes or arbitrary code execution.Recommendations
Apply the fix provided in commit 045fff363b42b8a6dda8ad5229c29ec3267e7dbe.
Fix
Double Free
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Rizin