CVE-2021-36979Out-of-bounds Write in Unicorn Engine

CWE-787Out-of-bounds Write2 documents2 sources
Severity
5.5MEDIUMNVD
EPSS
0.2%
top 57.58%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Fedoraproject FedoraUnicorn-engine Unicorn Engine
Timeline
PublishedJul 20
Latest updateMay 24

Description

Unicorn Engine 1.0.2 has an out-of-bounds write in tb_flush_armeb (called from cpu_arm_exec_armeb and tcg_cpu_exec_armeb).

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages1 packages

Also affects: Fedora 35

Patches

Patch: bugs.chromium.orgPatch: github.comPatch: bugs.chromium.org

🔴Vulnerability Details

1
GHSA
GHSA-65p9-86g3-vxrx: Unicorn Engine 12022-05-24
CVE-2021-36979 — Out-of-bounds Write in Unicorn Engine | cvebase