CVE-2021-44078: 
Python vulnerability analysis and mitigation

An issue was discovered in splitregion in uc.c in Unicorn Engine before 2.0.0-rc5. It allows local attackers to escape the sandbox. An attacker must first obtain the ability to execute crafted code in the target sandbox in order to exploit this vulnerability. The specific flaw exists within the virtual memory manager. The issue results from the faulty comparison of GVA and GPA while calling ucmemmapptr to free part of a claimed memory block (Unicorn Advisory, NVD).

The vulnerability stems from an incorrect comparison in the virtual memory manager's split_region function. Specifically, the issue involves using block->offset instead of block->mr->addr when comparing memory addresses, leading to faulty memory management. The vulnerability has a CVSS v3.1 base score of 8.1 (HIGH) with vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H (NVD).

An attacker can leverage this vulnerability to escape the sandbox and execute arbitrary code on the host machine. This could lead to complete compromise of the system running the vulnerable Unicorn Engine instance (NVD).

The vulnerability has been fixed in Unicorn Engine version 2.0.0-rc5. Users should upgrade to this version or later to mitigate the risk. The fix involves correcting the offset comparison in the split_region function by using block->mr->addr instead of block->offset (Unicorn Patch).