Home

Description

Ghidra before 12.0.3 contains an out-of-memory vulnerability in the rust_demangle function that allocates unbounded output buffers without size limits. Attackers can craft malicious Rust symbol names in binaries to trigger exponential memory allocation, causing process crashes during binary analysis.

PUBLISHED Reserved 2026-06-08 | Published 2026-06-10 | Updated 2026-06-10 | Assigner VulnCheck




MEDIUM: 6.7CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

MEDIUM: 5.5CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Problem types

Memory Allocation with Excessive Size Value

Product status

Default status
unaffected

Any version before 12.0.3
affected

12.0.3 (semver)
unaffected

Credits

Ze Sheng (@OwenSanzas) reporter

References

github.com/...ghidra/security/advisories/GHSA-m94m-fqr3-x442 exploit

github.com/...ghidra/security/advisories/GHSA-m94m-fqr3-x442 (GitHub Security Advisory (GHSA-m94m-fqr3-x442)) vendor-advisory

www.vulncheck.com/...t-symbol-demangler-via-malformed-symbol third-party-advisory

cve.org (CVE-2026-52753)

nvd.nist.gov (CVE-2026-52753)

Download JSON