CVE-2024-31668
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2024-31668
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-31668.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2024-31668
- Published
- 2024-12-17T22:15:06.677Z
- Modified
- 2025-11-19T17:35:22.293176Z
- Severity
-
- 9.1 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N CVSS Calculator
- Summary
- [none]
- Details
-
rizin before v0.6.3 is vulnerable to Improper Neutralization of Special Elements via meta_set function in librz/analysis/meta.
- References
Affected packages
Git / github.com/rizinorg/rizin
Affected ranges
- Type
- GIT
- Repo
- https://github.com/rizinorg/rizin
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Database specific
vanir_signatures
[
{
"digest": {
"line_hashes": [
"149830631874058490921047097216589018525",
"167350021532386168069208135556396041984",
"81610900601000304630350715686118209594",
"76923611668925747058361716552375391390"
],
"threshold": 0.9
},
"signature_type": "Line",
"deprecated": false,
"signature_version": "v1",
"id": "CVE-2024-31668-04c7c712",
"target": {
"file": "librz/bin/dwarf/endian_reader.c"
},
"source": "https://github.com/rizinorg/rizin/commit/c025dcee40c8eac2ab559f2caa3798a2dbf019e4"
},
{
"digest": {
"function_hash": "86253500105812889384753300284385428508",
"length": 293.0
},
"signature_type": "Function",
"deprecated": false,
"signature_version": "v1",
"id": "CVE-2024-31668-6832fa19",
"target": {
"file": "librz/bin/dwarf/endian_reader.c",
"function": "read_string"
},
"source": "https://github.com/rizinorg/rizin/commit/c025dcee40c8eac2ab559f2caa3798a2dbf019e4"
},
{
"digest": {
"line_hashes": [
"66867062006877592739540930157364835429",
"268377292979467090942145133379825036089",
"221294632158869389884223452093718360374",
"225856599841393617404325283914124290071",
"59993212339210575473479871550169570548",
"188832322628248375123977347869887224063",
"49549168292831335334187289542790662745",
"188621900781606839823797160999665327578",
"246670815751216851418012096182398773501",
"200787819769135820450880730260021795859",
"249826723868275114251864164306098414849",
"218165236094882795330958554964852655606",
"299384039367504510474112255595244180471",
"250498615829374523322698395201185710189",
"66483678243416632723453292385582620597",
"40287820546034608753862662210334698587",
"260129953900474448453575589491124957195",
"26722549309290513029574486711612765636",
"334820123275797644215161726849683133907",
"24650517830547257404742608531273299810"
],
"threshold": 0.9
},
"signature_type": "Line",
"deprecated": false,
"signature_version": "v1",
"id": "CVE-2024-31668-98f50791",
"target": {
"file": "librz/include/rz_bin_dwarf.h"
},
"source": "https://github.com/rizinorg/rizin/commit/c025dcee40c8eac2ab559f2caa3798a2dbf019e4"
},
{
"digest": {
"function_hash": "217244488678792062342294097188668692735",
"length": 676.0
},
"signature_type": "Function",
"deprecated": false,
"signature_version": "v1",
"id": "CVE-2024-31668-acc5a0f5",
"target": {
"file": "librz/include/rz_bin_dwarf.h",
"function": "rz_bin_dwarf_attr_string"
},
"source": "https://github.com/rizinorg/rizin/commit/c025dcee40c8eac2ab559f2caa3798a2dbf019e4"
},
{
"digest": {
"line_hashes": [
"163993452826350124049717869032169045739",
"204848173787852550961760472416045494722",
"73976613588288148325975744489008238024"
],
"threshold": 0.9
},
"signature_type": "Line",
"deprecated": false,
"signature_version": "v1",
"id": "CVE-2024-31668-da9f0936",
"target": {
"file": "librz/bin/dwarf/dwarf_private.h"
},
"source": "https://github.com/rizinorg/rizin/commit/c025dcee40c8eac2ab559f2caa3798a2dbf019e4"
}
]