Rapid7 Vulnerability & Exploit Database

FreeBSD: VID-17083017-D993-43EB-8AAF-7138F4486D1C (CVE-2021-44078): py39-unicorn -- sandbox escape and arbitrary code execution vulnerability

Free InsightVM Trial No Credit Card Necessary
Watch Demo See how it all works
Back to Search

FreeBSD: VID-17083017-D993-43EB-8AAF-7138F4486D1C (CVE-2021-44078): py39-unicorn -- sandbox escape and arbitrary code execution vulnerability

Severity
7
CVSS
(AV:L/AC:M/Au:N/C:C/I:C/A:C)
Published
12/26/2021
Created
05/05/2023
Added
04/14/2023
Modified
04/14/2023

Description

An issue was discovered in split_region in uc.c in Unicorn Engine before 2.0.0-rc5. It allows local attackers to escape the sandbox. An attacker must first obtain the ability to execute crafted code in the target sandbox in order to exploit this vulnerability. The specific flaw exists within the virtual memory manager. The issue results from the faulty comparison of GVA and GPA while calling uc_mem_map_ptr to free part of a claimed memory block. An attacker can leverage this vulnerability to escape the sandbox and execute arbitrary code on the host machine.

Solution(s)

  • freebsd-upgrade-package-py39-unicorn

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;