CVE-2024-31670
- Source
- https://cve.org/CVERecord?id=CVE-2024-31670
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-31670.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2024-31670
- Published
- 2024-12-12T18:15:23.977Z
- Modified
- 2026-04-12T07:01:48.408641Z
- Severity
-
- 6.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L CVSS Calculator
- Summary
- [none]
- Details
-
rizin before v0.6.3 is vulnerable to Buffer Overflow via createcachebins, readcacheaccel, and rzdyldcachenew_buf functions in librz/bin/format/mach0/dyldcache.c.
- References
Affected packages
Git / github.com/rizinorg/rizin
Affected versions
0.*
0.1.0
v0.*
v0.1.0
v0.1.1
v0.1.2
v0.2.0
v0.2.1
v0.3.0
v0.3.1
v0.3.2
v0.3.3
v0.3.4
v0.4.0
v0.4.1
v0.5.0
v0.5.1
v0.5.2
v0.6.0
v0.6.1
v0.6.2
Database specific
source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-31670.json"
vanir_signatures_modified
"2026-04-12T07:01:48Z"
vanir_signatures
[
{
"signature_version": "v1",
"deprecated": false,
"digest": {
"length": 609.0,
"function_hash": "58262868138063189452359665451193502768"
},
"source": "https://github.com/rizinorg/rizin/commit/75bac3088b2ec173e22d4be9d525ceacc987cf02",
"id": "CVE-2024-31670-832ca766",
"signature_type": "Function",
"target": {
"function": "rz_dyldcache_new_buf",
"file": "librz/bin/format/mach0/dyldcache.c"
}
},
{
"signature_version": "v1",
"deprecated": false,
"digest": {
"length": 841.0,
"function_hash": "314028342897745400195669508889791448972"
},
"source": "https://github.com/rizinorg/rizin/commit/75bac3088b2ec173e22d4be9d525ceacc987cf02",
"id": "CVE-2024-31670-8873be87",
"signature_type": "Function",
"target": {
"function": "read_cache_accel",
"file": "librz/bin/format/mach0/dyldcache.c"
}
},
{
"signature_version": "v1",
"deprecated": false,
"digest": {
"length": 3758.0,
"function_hash": "256695099205391455690157599532580480837"
},
"source": "https://github.com/rizinorg/rizin/commit/75bac3088b2ec173e22d4be9d525ceacc987cf02",
"id": "CVE-2024-31670-a6a5bca6",
"signature_type": "Function",
"target": {
"function": "create_cache_bins",
"file": "librz/bin/format/mach0/dyldcache.c"
}
},
{
"signature_version": "v1",
"deprecated": false,
"digest": {
"threshold": 0.9,
"line_hashes": [
"260169637974387149379128062662532549875",
"313930794252959565929684113640467952005",
"282447215717882830671433862531634236563",
"100655825308428834543970681936620606390",
"18772926460710974742276859374737556714",
"124943200428514757914050311129412486563",
"263782245906525260577087265545251738762",
"234285395805901954516181059530364893616",
"271181938578679421927994831413655718277",
"123759436810096849085359356080358122409",
"125644714855743244835571021889880452766",
"176567526503691916335638984576910704820",
"120625257675922998548265677636227844417",
"20531873999069567496068474870587776327",
"31540796248795974536599264825095925742",
"293266930025055816019316443172094513387",
"289570638440673542928992983621587834347",
"154583043707244852992864084022024124709",
"120234637199861574248704031023554497610",
"13096946032531602271589297050430756586"
]
},
"source": "https://github.com/rizinorg/rizin/commit/75bac3088b2ec173e22d4be9d525ceacc987cf02",
"id": "CVE-2024-31670-bce595a4",
"signature_type": "Line",
"target": {
"file": "librz/bin/format/mach0/dyldcache.c"
}
}
]