A heap-buffer-overflow vulnerability exists in Rizin, a UNIX-like reverse engineering framework and command-line toolset. The flaw is located in the OMF (Object Module Format) binary parser at librz/bin/format/omf/omf.c. The vulnerability has been assigned a CVSS 3.1 score of 3.3 (Low severity), indicating limited impact due to local attack vector requirements and user interaction needed for exploitation. [truncated]
A double-free vulnerability exists in Rizin, a UNIX-like reverse engineering framework. The flaw occurs in the `byte_pattern_search()` function within `librz/core/cmd/cmd_search.c` due to incorrect pointer ownership semantics. An attacker with local access could potentially trigger memory corruption, leading to limited integrity and availability impact. The vulnerability requires high attack complexity, p [truncated]
