CVE-2022-29695
https://notcve.org/view.php?id=CVE-2022-29695
Unicorn Engine v2.0.0-rc7 contains memory leaks caused by incomplete initialization of the engine (allocations made during a partially completed initialization are not released). • https://github.com/unicorn-engine/unicorn/commit/5a79d7879ca3ee0ce684ad6576d8ac15e8d90fc7 https://github.com/unicorn-engine/unicorn/issues/1595 • CWE-665: Improper Initialization •
CVE-2022-29694
https://notcve.org/view.php?id=CVE-2022-29694
Unicorn Engine v2.0.0-rc7 and below contains a NULL pointer dereference reachable via qemu_ram_free. • https://github.com/unicorn-engine/unicorn/commit/3d3deac5e6d38602b689c4fef5dac004f07a2e63 https://github.com/unicorn-engine/unicorn/issues/1588 https://github.com/unicorn-engine/unicorn/pull/1593/commits/31389e59457f304be3809f9679f91a42daa7ebaa https://github.com/unicorn-engine/unicorn/pull/1593/commits/6a879a082d4d67a5d13f1233ae0334cde0a7f844 https://violentbinary.github.io/posts/2-simple-analysis-of-software-virtualization-of-memory-in-unicorn-engine • CWE-476: NULL Pointer Dereference •
CVE-2022-29693
https://notcve.org/view.php?id=CVE-2022-29693
Unicorn Engine v2.0.0-rc7 and below contains a memory leak in the function uc_close in uc.c (the CVE text gives the reporter's local checkout path, /my/unicorn/uc.c). • https://github.com/unicorn-engine/unicorn/commit/469fc4c35a0cfabdbefb158e22d145f4ee6f77b9 https://github.com/unicorn-engine/unicorn/issues/1586 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVE-2021-44078
https://notcve.org/view.php?id=CVE-2021-44078
An issue was discovered in split_region in uc.c in Unicorn Engine before 2.0.0-rc5. It allows local attackers to escape the sandbox. An attacker must first obtain the ability to execute crafted code in the target sandbox in order to exploit this vulnerability. The specific flaw exists within the virtual memory manager. The issue results from the faulty comparison of GVA and GPA while calling uc_mem_map_ptr to free part of a claimed memory block. • https://gist.github.com/jwang-a/cb4b6e9551457aa299066076b836a2cd https://github.com/jwang-a/CTF/blob/master/MyChallenges/Pwn/Unicorns_Aisle/UnicornsAisle.pdf https://github.com/unicorn-engine/unicorn/commit/c733bbada356b0373fa8aa72c044574bb855fd24 https://github.com/unicorn-engine/unicorn/compare/2.0.0-rc4...2.0.0-rc5 https://www.unicorn-engine.org/changelog • CWE-697: Incorrect Comparison •
CVE-2021-36979
https://notcve.org/view.php?id=CVE-2021-36979
Unicorn Engine 1.0.2 has an out-of-bounds write in tb_flush_armeb (called from cpu_arm_exec_armeb and tcg_cpu_exec_armeb). • https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=30391 https://github.com/google/oss-fuzz-vulns/blob/main/vulns/unicorn/OSV-2020-2305.yaml https://github.com/unicorn-engine/unicorn/commit/bf1713d9e011b55ca1f502a6779fc4722b4bb077 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MZ6LOCJXHQVU6SCJLFDJINBOVJYYENLX • CWE-787: Out-of-bounds Write •
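The affected-version statements above mix "before 2.0.0-rc5", "v2.0.0-rc7 and below" and single releases, and Unicorn's release-candidate tags sort differently from PEP 440 strings that pip reports ("2.0.0rc7"). The following is an added example, not code from notcve.org or from the Unicorn project: it parses both version spellings, orders release candidates before the final release, and reports which of the five CVEs listed on this page cover a given version. The predicates encode each description literally (so "v2.0.0-rc7 and below" also matches 1.x releases, and CVE-2022-29695 matches only the single release the description names); the helper that reads the installed package version is an assumption about deployment, not part of the advisories.

```python
import re
from importlib.metadata import PackageNotFoundError, version as _pkg_version

# Version tuple layout: (major, minor, patch, is_final, rc_number).
# A release candidate gets is_final=0 so it sorts before the final release:
#   2.0.0-rc7 -> (2, 0, 0, 0, 7)   <   2.0.0 -> (2, 0, 0, 1, 0)
_VERSION_RE = re.compile(r"^v?(\d+)\.(\d+)\.(\d+)(?:[-.]?rc(\d+))?$")


def parse_unicorn_version(text):
    """Parse '1.0.2', 'v2.0.0-rc7' (git tag style) or '2.0.0rc7' (PEP 440 style)."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised Unicorn version string: {text!r}")
    major, minor, patch, rc = m.groups()
    if rc is None:
        return (int(major), int(minor), int(patch), 1, 0)
    return (int(major), int(minor), int(patch), 0, int(rc))


RC5 = parse_unicorn_version("2.0.0-rc5")
RC7 = parse_unicorn_version("2.0.0-rc7")
V102 = parse_unicorn_version("1.0.2")

# (CVE, short description, predicate on the parsed version), in page order.
# Ranges are taken verbatim from the CVE descriptions on this page.
UNICORN_CVES = (
    ("CVE-2022-29695", "memory leaks from incomplete engine initialization",
     lambda v: v == RC7),                    # description names v2.0.0-rc7 only
    ("CVE-2022-29694", "NULL pointer dereference via qemu_ram_free",
     lambda v: v <= RC7),                    # "v2.0.0-rc7 and below"
    ("CVE-2022-29693", "memory leak in uc_close",
     lambda v: v <= RC7),                    # "v2.0.0-rc7 and below"
    ("CVE-2021-44078", "sandbox escape via faulty GVA/GPA comparison in split_region",
     lambda v: v < RC5),                     # "before 2.0.0-rc5"
    ("CVE-2021-36979", "out-of-bounds write in tb_flush_armeb",
     lambda v: v == V102),                   # description names 1.0.2 only
)


def affected_cves(version_text):
    """Return the CVE IDs from this page whose stated range covers version_text."""
    v = parse_unicorn_version(version_text)
    return [cve for cve, _desc, hit in UNICORN_CVES if hit(v)]


def installed_unicorn_version():
    """Version string of the installed 'unicorn' Python package, or None.
    Assumption: the binding is installed via pip under the distribution name 'unicorn'."""
    try:
        return _pkg_version("unicorn")
    except PackageNotFoundError:
        return None


if __name__ == "__main__":
    # Constructed sample inputs covering both version spellings.
    for sample in ("1.0.2", "2.0.0-rc4", "2.0.0rc7", "v2.0.0"):
        print(f"{sample:>10}: {affected_cves(sample) or 'none of the listed CVEs'}")
    local = installed_unicorn_version()
    if local is not None:
        print(f"installed unicorn {local}: {affected_cves(local) or 'none of the listed CVEs'}")
```

Run it as a script to see the sample table, or import `affected_cves` into an inventory job that checks the versions reported by `pip freeze` or a lockfile. Remember that CVE descriptions are not always precise lower bounds; treat a hit as a reason to upgrade to a release containing the linked fix commits, not as proof that an older release is unaffected.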