CVE-2026-45324
Deferred Deferred - Pending Action
Double Free Vulnerability in Rizin Reverse Engineering Framework

Publication date: 2026-05-29

Last updated on: 2026-05-29

Assigner: GitHub, Inc.

Description
Rizin is a UNIX-like reverse engineering framework and command-line toolset. There is a double free in librz/core/cmd/cmd_search.c:byte_pattern_search() due wrong pointer ownership declared. This vulnerability is fixed by commit 045fff363b42b8a6dda8ad5229c29ec3267e7dbe.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-29
Last Modified
2026-05-29
Generated
2026-06-19
AI Q&A
2026-05-30
EPSS Evaluated
2026-06-18
NVD
CVE-2026-45324
EUVD
EUVD-2026-33424
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
rizinorg rizin to 045fff3 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-415 The product calls free() twice on the same memory address.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2026-45324 is a low-severity vulnerability in the Rizin reverse engineering framework, specifically in the byte_pattern_search() function within the cmd_search.c file.

The issue is a double free vulnerability caused by incorrect pointer ownership handling, meaning the function attempts to free the same memory address twice.

This can lead to memory corruption or crashes during execution.

The vulnerability has been fixed in commit 045fff3 by improving validation and correcting the freeing of memory.

Impact Analysis

This vulnerability can cause low impact on data integrity and availability by potentially leading to memory corruption or crashes in the Rizin software.

Exploitation requires physical access, high attack complexity, low privileges, and user interaction.

An attacker could cause the application to behave unexpectedly or crash, but the overall severity is low.

Detection Guidance

This vulnerability is a double free in the byte_pattern_search() function of the Rizin reverse engineering framework. Detection involves identifying if the affected version of Rizin is in use and if the vulnerable search functions are called with invalid boundaries.

Since the vulnerability requires user interaction and physical access, network detection is limited. Instead, detection should focus on verifying the Rizin version and usage patterns.

You can check the Rizin version installed on your system by running:

  • rizin -v

If the version is prior to the commit 045fff3, it is vulnerable.

To detect if the vulnerable function is being triggered, monitor for crashes or memory corruption when using search commands in Rizin, especially if invalid boundaries are used.

There are no specific network commands to detect this vulnerability, but you can audit usage logs or scripts invoking Rizin's search functions with potentially invalid parameters.

Mitigation Strategies

The primary mitigation is to update Rizin to a version that includes the fix from commit 045fff363b42b8a6dda8ad5229c29ec3267e7dbe.

Until the patch is applied, avoid calling search functions with invalid boundaries, as this can trigger the double free vulnerability.

  • Apply the patch or upgrade Rizin to a version including commit 045fff3.
  • Avoid using search commands with invalid or unsupported boundary parameters.
  • Monitor and restrict user access to Rizin to prevent exploitation requiring physical access and user interaction.
Compliance Impact

The provided information does not specify any direct impact of this vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-45324. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart