CVE-2026-31053 — MEDIUM (6.2)

Vulnerability Description

A double free vulnerability exists in librz/bin/format/le/le.c in the function le_load_fixup_record(). When processing malformed or circular LE fixup chains, relocation entries may be freed multiple times during error handling. A specially crafted LE binary can trigger heap corruption and cause the application to crash, resulting in a denial-of-service condition. An attacker with a crafted binary could cause a denial of service when the tool is integrated on a service pipeline.

CVSS Score

6.2

MEDIUM

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

NONE

Availability

HIGH

Affected Products

Vendor	Product	Versions
Rizin	Rizin	0.8.1

Related Weaknesses (CWE)

CWE-415

References

https://github.com/rizinorg/rizin/issues/5753ExploitIssue TrackingThird Party Advisory
https://github.com/rizinorg/rizin/pull/5795Issue TrackingPatch

FAQ

What is CVE-2026-31053?

CVE-2026-31053 is a vulnerability with a CVSS score of 6.2 (MEDIUM). A double free vulnerability exists in librz/bin/format/le/le.c in the function le_load_fixup_record(). When processing malformed or circular LE fixup chains, relocation entries may be freed multiple t...

How severe is CVE-2026-31053?

CVE-2026-31053 has been rated MEDIUM with a CVSS base score of 6.2/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2026-31053?

Check the references section above for vendor advisories and patch information. Affected products include: Rizin Rizin.