Primary

Context

rxi fe Out-of-Bounds Read Vulnerability in the read_ Function

Vulnerability

A global buffer overflow vulnerability has been identified in rxi fe versions prior to ed4cda96bd582cbb08520964ba627efb40f3dd91. The issue arises in the read_ function within src/fe.c, where improper input handling leads to an out-of-bounds read. This vulnerability requires local access to exploit and has been publicly disclosed, with an available proof-of-concept exploit.

Impact

Exploitation of this vulnerability causes a global buffer overflow, allowing for out-of-bounds memory access which could potentially be exploited to execute arbitrary code or cause a crash.

Reproduction

The vulnerability can be reproduced by building rxi fe with release optimization and AddressSanitizer (ASan) enabled. After compiling the program, it can be run with a specific input file that triggers the out-of-bounds read. The AddressSanitizer will report the buffer overflow error, indicating that the vulnerability has been successfully exploited.

Added: Mar 12, 2026, 8:18 AM

Updated: Mar 12, 2026, 8:18 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

5.6

remediation

0.0

relevance

3.8

threat

6.4

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

5.6

remediation

0.0

relevance

3.8

threat

6.4

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

rxi fe Out-of-Bounds Read Vulnerability in the read_ Function

Vulnerability

Impact

Reproduction

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating