Alerts This Week
Warning Icon 1 905
Alerts This Week
Warning Icon 1 905

Fedora 41: 2025-1290a47fff moderate: cutter-re command injection

fedora
Calendar Grey March 1, 2025
Dist Fedora Esm H88
The latest updates for cutter-re in Fedora resolve several security vulnerabilities, such as command injection flaws and buffer overflow risks.
CVE-2023-40022 rizin: Integer Overflow in C++ demangler logic CVE-2024-31669 rizin: Uncontrolled Resource Consumption via bin_pe_parse_imports CVE-2024-31670 rizin: buffer overflow...

Summary

Cutter is a Qt and C++ GUI for Rizin. Its goal is making an advanced,

customizable and FOSS reverse-engineering platform while keeping the user

experience at mind. Cutter is created by reverse engineers for reverse

engineers.

Update Information:

CVE-2023-40022 rizin: Integer Overflow in C++ demangler logic CVE-2024-31669 rizin: Uncontrolled Resource Consumption via bin_pe_parse_imports CVE-2024-31670 rizin: buffer overflow via create_cache_bins CVE-2024-31668 rizin: improper neutralization of special elements via meta_set function CVE-2024-53256 rizin: Rizin has a command injection via RzBinInfo bclass due legacy code

Topics%20covered

Topics Covered

security advisory fedora buffer overflow integer overflow command injection resource consumption cutter-re uncontrolled consumption

Change Log

* Thu Jan 16 2025 Fedora Release Engineering - 2.3.4-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild * Wed Jan 1 2025 Michal Ambroz - 2.3.4-5 - Rebuild with new version of rizin 0.7.4

References


[ 1 ] Bug #2333933 - CVE-2024-53256 rizin: Rizin has a command injection via RzBinInfo bclass due legacy code [fedora-40] https://bugzilla.redhat.com/show_bug.cgi?id=2333933 [ 2 ] Bug #2333934 - CVE-2024-53256 rizin: Rizin has a command injection via RzBinInfo bclass due legacy code [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2333934 [ 3 ] Bug #2340020 - cutter-re: FTBFS in Fedora rawhide/f42 https://bugzilla.redhat.com/show_bug.cgi?id=2340020 [ 4 ] Bug #2346253 - Non-responsive maintainer check for ret2libc https://bugzilla.redhat.com/show_bug.cgi?id=2346253

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-1290a47fff' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Name: cutter-re
Product: Fedora 41
Version: 2.3.4
Release: 6.fc41
URL: https://cutter.re/
Summary: GUI for Rizin reverse engineering framework

Topics%20covered

Topics Covered

security advisory fedora buffer overflow integer overflow command injection resource consumption cutter-re uncontrolled consumption

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here