cve/2023/CVE-2023-27590.md

### [CVE-2023-27590](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27590)
![](https://img.shields.io/static/v1?label=Product&message=rizin&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=%3D%20%3C%3D%200.5.1%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-120%3A%20Buffer%20Copy%20without%20Checking%20Size%20of%20Input%20('Classic%20Buffer%20Overflow')&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-121%3A%20Stack-based%20Buffer%20Overflow&color=brighgreen)

### Description

Rizin is a UNIX-like reverse engineering framework and command-line toolset. In version 0.5.1 and prior, converting a GDB registers profile file into a Rizin register profile can result in a stack-based buffer overflow when the `name`, `type`, or `groups` fields have longer values than expected. Users opening untrusted GDB registers files (e.g. with the `drpg` or `arpg` commands) are affected by this flaw. Commit d6196703d89c84467b600ba2692534579dc25ed4 contains a patch for this issue. As a workaround, review the GDB register profiles before loading them with `drpg`/`arpg` commands.

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/DiRaltvein/memory-corruption-examples
Update CVE sources 2024-08-07 19:02 2024-08-07 19:02:05 +00:00			`### [CVE-2023-27590](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27590)`
			`![](https://img.shields.io/static/v1?label=Product&message=rizin&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=%3D%20%3C%3D%200.5.1%20&color=brighgreen)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-120%3A%20Buffer%20Copy%20without%20Checking%20Size%20of%20Input%20('Classic%20Buffer%20Overflow')&color=brighgreen)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-121%3A%20Stack-based%20Buffer%20Overflow&color=brighgreen)`

			`### Description`

			Rizin is a UNIX-like reverse engineering framework and command-line toolset. In version 0.5.1 and prior, converting a GDB registers profile file into a Rizin register profile can result in a stack-based buffer overflow when the `name`, `type`, or `groups` fields have longer values than expected. Users opening untrusted GDB registers files (e.g. with the `drpg` or `arpg` commands) are affected by this flaw. Commit d6196703d89c84467b600ba2692534579dc25ed4 contains a patch for this issue. As a workaround, review the GDB register profiles before loading them with `drpg`/`arpg` commands.

			`### POC`

			`#### Reference`
			`No PoCs from references.`

			`#### Github`
			`- https://github.com/DiRaltvein/memory-corruption-examples`