Description

A double free vulnerability exists in librz/bin/format/le/le.c in the function le_load_fixup_record(). When processing malformed or circular LE fixup chains, relocation entries may be freed multiple times during error handling. A specially crafted LE binary can trigger heap corruption and cause the application to crash, resulting in a denial-of-service condition. An attacker with a crafted binary could cause a denial of service when the tool is integrated on a service pipeline.

INFO

Published Date :

2026-04-06T00:00:00.000Z

Last Modified :

2026-04-06T19:42:43.611Z

Source :

mitre
AFFECTED PRODUCTS

The following products are affected by CVE-2026-31053 vulnerability.

Vendors Products
Rizin
  • Rizin
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-31053.

URL Resource
https://github.com/rizinorg/rizin/issues/5753 cve-icon cve-icon
https://github.com/rizinorg/rizin/pull/5795 cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact