CVE-2021-44078 — HIGH (8.1)

Q: How severe is CVE-2021-44078?

CVE-2021-44078 has been rated HIGH with a CVSS base score of 8.1/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2021-44078?

Check the references section above for vendor advisories and patch information. Affected products include: Unicorn-Engine Unicorn Engine.

Vulnerability Description

An issue was discovered in split_region in uc.c in Unicorn Engine before 2.0.0-rc5. It allows local attackers to escape the sandbox. An attacker must first obtain the ability to execute crafted code in the target sandbox in order to exploit this vulnerability. The specific flaw exists within the virtual memory manager. The issue results from the faulty comparison of GVA and GPA while calling uc_mem_map_ptr to free part of a claimed memory block. An attacker can leverage this vulnerability to escape the sandbox and execute arbitrary code on the host machine.

CVSS Score

8.1

HIGH

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Unicorn-Engine	Unicorn Engine	<= 1.0.3

Related Weaknesses (CWE)

CWE-697

References

https://gist.github.com/jwang-a/cb4b6e9551457aa299066076b836a2cdThird Party Advisory
https://github.com/jwang-a/CTF/blob/master/MyChallenges/Pwn/Unicorns_Aisle/UnicoThird Party Advisory
https://github.com/unicorn-engine/unicorn/commit/c733bbada356b0373fa8aa72c044574PatchThird Party Advisory
https://github.com/unicorn-engine/unicorn/compare/2.0.0-rc4...2.0.0-rc5PatchThird Party Advisory
https://www.unicorn-engine.org/changelog/Vendor Advisory
https://gist.github.com/jwang-a/cb4b6e9551457aa299066076b836a2cdThird Party Advisory
https://github.com/jwang-a/CTF/blob/master/MyChallenges/Pwn/Unicorns_Aisle/UnicoThird Party Advisory
https://github.com/unicorn-engine/unicorn/commit/c733bbada356b0373fa8aa72c044574PatchThird Party Advisory
https://github.com/unicorn-engine/unicorn/compare/2.0.0-rc4...2.0.0-rc5PatchThird Party Advisory
https://www.unicorn-engine.org/changelog/Vendor Advisory

FAQ

What is CVE-2021-44078?

CVE-2021-44078 is a vulnerability with a CVSS score of 8.1 (HIGH). An issue was discovered in split_region in uc.c in Unicorn Engine before 2.0.0-rc5. It allows local attackers to escape the sandbox. An attacker must first obtain the ability to execute crafted code i...

How severe is CVE-2021-44078?

CVE-2021-44078 has been rated HIGH with a CVSS base score of 8.1/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2021-44078?

Check the references section above for vendor advisories and patch information. Affected products include: Unicorn-Engine Unicorn Engine.