exploitDog

CVE-2025-67873

Published: 17 Dec 2025
Source: redhat
CVSS3: 6.1
EPSS: Low

Description

Capstone is a disassembly framework. In versions 6.0.0-Alpha5 and prior, Skipdata length is not bounds-checked, so a user-provided skipdata callback can make cs_disasm/cs_disasm_iter memcpy more than 24 bytes into cs_insn.bytes, causing a heap buffer overflow in the disassembly path. Commit cbef767ab33b82166d263895f24084b75b316df3 fixes the issue.

A flaw was found in Capstone, a disassembly framework. A local attacker could exploit a heap buffer overflow vulnerability by providing a specially crafted skipdata callback. This flaw occurs because the skipdata length is not properly bounds-checked, which may allow an attacker to write beyond allocated memory, potentially leading to a denial of service (DoS) or arbitrary code execution.
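
A caller-side guard for the condition described above, as an added example that is not Capstone's code or the referenced fix. The callback type is declared locally and assumed to mirror Capstone's skipdata callback signature; `guarded_cb`, `greedy_cb` and `walk` are hypothetical names, and `walk` is a simplified model of the copy into the 24-byte `cs_insn.bytes`.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define INSN_BYTES_MAX 24 /* size of cs_insn.bytes, per the advisory */

/* Assumed to mirror Capstone's skipdata callback shape; declared locally
 * so this builds without capstone.h. */
typedef size_t (*skipdata_cb)(const uint8_t *code, size_t code_size,
                              size_t offset, void *user_data);

/* Hypothetical wrapper state: the real callback plus a counter for logging. */
struct guarded_cb { skipdata_cb inner; void *inner_data; size_t clamped; };

/* Register this in place of the raw callback; user_data is a guarded_cb.
 * Bytes beyond the clamp are examined again on the next iteration. */
size_t guarded_skipdata(const uint8_t *code, size_t code_size,
                        size_t offset, void *user_data)
{
    struct guarded_cb *g = user_data;
    size_t n = g->inner(code, code_size, offset, g->inner_data);
    size_t remaining = offset < code_size ? code_size - offset : 0;
    size_t limit = remaining < INSN_BYTES_MAX ? remaining : INSN_BYTES_MAX;
    if (n > limit) { n = limit; g->clamped++; }
    return n;
}

/* Constructed callback that asks to skip more than one record can hold. */
size_t greedy_cb(const uint8_t *code, size_t code_size, size_t offset, void *ud)
{
    (void)code; (void)code_size; (void)offset; (void)ud;
    return 64;
}

/* Model of the consumer: copies each skipped run into a 24-byte record.
 * Returns the number of records, or (size_t)-1 where an unchecked memcpy
 * would have written past the record. */
size_t walk(const uint8_t *code, size_t size, skipdata_cb cb, void *ud)
{
    uint8_t bytes[INSN_BYTES_MAX];
    size_t off = 0, records = 0;
    while (off < size) {
        size_t n = cb(code, size, off, ud);
        if (n == 0 || n > size - off) break;     /* stop, or not enough input */
        if (n > sizeof bytes) return (size_t)-1; /* the missing bounds check */
        memcpy(bytes, code + off, n);
        off += n; records++;
    }
    return records;
}
```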

Report

This vulnerability is rated Moderate because a heap buffer overflow in the Capstone disassembly framework can be exploited by a local attacker providing a specially crafted skipdata callback, potentially leading to denial of service or arbitrary code execution. Exploitation requires local access and user interaction.

Affected packages

| Platform | Package | State | Advisory | Release |
| --- | --- | --- | --- | --- |
| Red Hat Enterprise Linux 10 | capstone | Affected | | |
| Red Hat Enterprise Linux 10 | ruby | Not affected | | |
| Red Hat Enterprise Linux 10 | rust | Not affected | | |
| Red Hat Enterprise Linux 8 | ruby:3.3/ruby | Not affected | | |
| Red Hat Enterprise Linux 9 | ruby:3.3/ruby | Not affected | | |
| Red Hat Enterprise Linux 9 | rust | Not affected | | |
| Red Hat OpenShift Container Platform 4 | rhcos | Affected | | |
| Red Hat Enterprise Linux 9 | capstone | Fixed | RHSA-2026:4898 | 18.03.2026 |

Additional information

Status: Moderate
Defect: CWE-122
https://bugzilla.redhat.com/show_bug.cgi?id=2423419
capstone: Capstone: Heap buffer overflow via skipdata callback allows denial of service or arbitrary code execution.

EPSS

Percentile: 4%
0.00017
Low

6.1 Medium

CVSS3

Related vulnerabilities

CVSS3: 4.8
ubuntu
3 months ago

Capstone is a disassembly framework. In versions 6.0.0-Alpha5 and prior, Skipdata length is not bounds-checked, so a user-provided skipdata callback can make cs_disasm/cs_disasm_iter memcpy more than 24 bytes into cs_insn.bytes, causing a heap buffer overflow in the disassembly path. Commit cbef767ab33b82166d263895f24084b75b316df3 fixes the issue.

CVSS3: 4.8
nvd
3 months ago

Capstone is a disassembly framework. In versions 6.0.0-Alpha5 and prior, Skipdata length is not bounds-checked, so a user-provided skipdata callback can make cs_disasm/cs_disasm_iter memcpy more than 24 bytes into cs_insn.bytes, causing a heap buffer overflow in the disassembly path. Commit cbef767ab33b82166d263895f24084b75b316df3 fixes the issue.

CVSS3: 4.8
msrc
26 days ago

Capstone doesn't check Skipdata length, leading to cs_insn.bytes heap buffer overflow

CVSS3: 4.8
debian
3 months ago

Capstone is a disassembly framework. In versions 6.0.0-Alpha5 and prio ...

suse-cvrf
3 months ago

Security update for capstone
