PatchSiren

CVE-2026-45324 rizinorg CVE debrief

A double-free vulnerability exists in Rizin, a UNIX-like reverse engineering framework. The flaw occurs in the `byte_pattern_search()` function within `librz/core/cmd/cmd_search.c` due to incorrect pointer ownership semantics. An attacker with local access could potentially trigger memory corruption, leading to limited integrity and availability impact. The vulnerability requires high attack complexity, physical access or local presence, low privileges, and user interaction. The CVSS 3.1 vector indicates scope change with no confidentiality impact, low integrity impact, and low availability impact. The issue has been remediated via a specific commit addressing the pointer ownership declaration.

Vendor: rizinorg
Product: rizin
CVSS: LOW 3.3
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-05-29
Original CVE updated: 2026-05-29
Advisory published: 2026-05-29
Advisory updated: 2026-05-29

Who should care

Security teams maintaining reverse engineering workstations, incident responders analyzing untrusted binaries with Rizin, and developers integrating Rizin libraries into security tooling should prioritize this patch during routine maintenance cycles given the local attack vector and high complexity requirements.

Technical summary

The vulnerability stems from improper pointer ownership in `byte_pattern_search()` within Rizin's core search command implementation. The double-free condition arises when memory management responsibilities are incorrectly assigned, potentially causing the same heap allocation to be freed twice. This can lead to heap metadata corruption, use-after-free conditions, or application crashes. The fix commit modifies pointer ownership declarations to ensure deterministic memory lifecycle management.
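
The ownership mismatch described above, shown as an added example: this is not Rizin's code and not the content of the fix commit, and `pattern_t`, `search_ambiguous`, `search_borrowing` and the `BORROW` marker are hypothetical names. A constructed wrapper counts release attempts, so the second release is recorded instead of being passed to `free()`.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define BORROW /* hypothetical marker: caller keeps ownership, callee must not free */
/* Constructed wrapper: counts release attempts so that a second one is
 * recorded instead of reaching free() and corrupting the heap. */
typedef struct { unsigned char *bytes; size_t len; int releases; } pattern_t;

static int pattern_init(pattern_t *p, const char *s) {
    p->len = strlen(s);
    p->releases = 0;
    p->bytes = malloc(p->len + 1);
    if (!p->bytes) return 0;
    memcpy(p->bytes, s, p->len + 1);
    return 1;
}
static void pattern_release(pattern_t *p) {
    if (p->releases++ == 0) free(p->bytes); /* only the first call frees */
}
/* Shared scan: counts occurrences of the pattern in the haystack. */
static int count_hits(const unsigned char *hay, size_t n, const pattern_t *p) {
    int hits = 0;
    for (size_t i = 0; p->len && i + p->len <= n; i++)
        if (memcmp(hay + i, p->bytes, p->len) == 0) hits++;
    return hits;
}
/* BEFORE: the signature does not say who owns `p`, and the body frees it. */
static int search_ambiguous(const unsigned char *hay, size_t n, pattern_t *p) {
    int hits = count_hits(hay, n, p);
    pattern_release(p); /* callee behaves as owner */
    return hits;
}
/* AFTER: declared BORROW; with const, a release in the callee draws a compiler diagnostic. */
static int search_borrowing(const unsigned char *hay, size_t n, BORROW const pattern_t *p) {
    return count_hits(hay, n, p);
}
/* Caller that always cleans up its own pattern; returns the release attempts. */
int release_attempts(int use_fixed) {
    static const unsigned char hay[] = "ABxAB"; /* constructed input */
    pattern_t p;
    if (!pattern_init(&p, "AB")) return -1;
    int hits = use_fixed ? search_borrowing(hay, 5, &p) : search_ambiguous(hay, 5, &p);
    pattern_release(&p); /* caller behaves as owner too */
    return hits == 2 ? p.releases : -1;
}
int main(void) {
    printf("before: %d, after: %d\n", release_attempts(0), release_attempts(1));
    return 0;
}
```

A count of 2 in the "before" path corresponds to the same allocation being handed to `free()` twice in uninstrumented code; the "after" path releases it exactly once.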

Defensive priority

routine

Recommended defensive actions

  • Upgrade Rizin to a version incorporating commit 045fff363b42b8a6dda8ad5229c29ec3267e7dbe or later
  • Review local access controls to limit physical access to systems running Rizin
  • Monitor for security advisories from the Rizin project for additional hardening recommendations
  • If unable to upgrade immediately, restrict use of pattern search functionality to trusted inputs only

Evidence notes

Vulnerability description sourced from NVD entry published 2026-05-29. Fix commit and GitHub Security Advisory referenced in official NVD record. CVSS 3.1 score of 3.3 (LOW) with vector AV:P/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:L. CWE-415 (Double Free) identified as primary weakness.
