Description
Capstone is a disassembly framework. In versions 6.0.0-Alpha5 and prior, an unchecked vsnprintf return in SStream_concat lets a malicious cs_opt_mem.vsnprintf drive SStream’s index negative or past the end, leading to a stack buffer underflow/overflow when the next write occurs. Commit 2c7797182a1618be12017d7d41e0b6581d5d529e fixes the issue.
A flaw was found in Capstone, a disassembly framework. An unchecked return value from vsnprintf within the SStream_concat function allows a malicious input to manipulate the internal stream index. This can lead to a stack buffer underflow or overflow, potentially enabling a local attacker to achieve information disclosure, alter data, or cause a denial of service.
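The check the description says is missing, shown as an added example (not Capstone's code and not the fixing commit): a simplified fixed-size stream whose concat routine validates the return value of a caller-supplied formatter before advancing its index. `demo_stream`, `demo_concat`, `DEMO_BUF_SIZE` and the two hostile formatters are hypothetical names constructed for this illustration.

```c
#include <stdarg.h>
#include <stddef.h>
#include <stdio.h>

/* Simplified stand-in for a fixed-size output stream; NOT Capstone's real SStream. */
#define DEMO_BUF_SIZE 32
typedef int (*vsnprintf_fn)(char *, size_t, const char *, va_list);
typedef struct {
    char buffer[DEMO_BUF_SIZE];
    int index;                 /* next write offset; invariant 0 <= index < DEMO_BUF_SIZE */
    vsnprintf_fn vsnprintf_cb; /* caller-supplied formatter, in the role of cs_opt_mem.vsnprintf */
} demo_stream;

void demo_init(demo_stream *s, vsnprintf_fn fn) {
    s->buffer[0] = '\0';
    s->index = 0;
    s->vsnprintf_cb = fn;
}

/* Appends formatted text. Returns 0 on success, -1 if the formatter's
 * return value was rejected (negative) or indicated truncation. */
int demo_concat(demo_stream *s, const char *fmt, ...) {
    size_t room = sizeof(s->buffer) - (size_t)s->index; /* includes the NUL byte */
    va_list ap;
    va_start(ap, fmt);
    int ret = s->vsnprintf_cb(s->buffer + s->index, room, fmt, ap);
    va_end(ap);
    if (ret < 0) {             /* error or hostile value: never move the index backwards */
        s->buffer[s->index] = '\0';
        return -1;
    }
    if ((size_t)ret >= room) { /* truncated or overstated: clamp to the last valid offset */
        s->index = (int)sizeof(s->buffer) - 1;
        s->buffer[s->index] = '\0';
        return -1;
    }
    s->index += ret;           /* only now is ret known to fit inside the buffer */
    return 0;
}

/* Constructed hostile formatters: write nothing, return bogus lengths. */
int evil_negative(char *b, size_t n, const char *f, va_list ap) {
    (void)b; (void)n; (void)f; (void)ap; return -1000;
}
int evil_huge(char *b, size_t n, const char *f, va_list ap) {
    (void)b; (void)n; (void)f; (void)ap; return 1 << 20;
}
```

Without the two checks, `index += ret` would accept whatever the formatter reports, which is the condition the advisory describes.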
Report
This vulnerability is rated Moderate as an unchecked vsnprintf return in Capstone's SStream_concat function can lead to stack buffer underflow or overflow. Exploitation requires local access and user interaction. This affects Capstone and other components in Red Hat Enterprise Linux, OpenShift Container Platform, and Community Projects.
Affected packages
| Platform | Package | State | Recommendation | Release |
|---|---|---|---|---|
| Red Hat Enterprise Linux 10 | capstone | Affected | ||
| Red Hat Enterprise Linux 10 | ruby | Not affected | ||
| Red Hat Enterprise Linux 10 | rust | Not affected | ||
| Red Hat Enterprise Linux 8 | ruby:3.3/ruby | Not affected | ||
| Red Hat Enterprise Linux 9 | ruby:3.3/ruby | Not affected | ||
| Red Hat Enterprise Linux 9 | rust | Not affected | ||
| Red Hat OpenShift Container Platform 4 | rhcos | Affected | ||
| Red Hat Enterprise Linux 9 | capstone | Fixed | RHSA-2026:4898 | 18.03.2026 |
Additional information
Status:
EPSS
CVSS3: 7.3 High
Related vulnerabilities
Capstone doesn't check vsnprintf return in SStream_concat, allows stack buffer underflow and overflow
Capstone is a disassembly framework. In versions 6.0.0-Alpha5 and prio ...