VYPR

rpm package

suse/capstone&distro=SUSE Linux Micro 6.1

pkg:rpm/suse/capstone&distro=SUSE%20Linux%20Micro%206.1

Vulnerabilities (2)

  • CVE-2025-68114Dec 17, 2025
    affected < 4.0.2-slfo.1.1_2.1fixed 4.0.2-slfo.1.1_2.1

    Capstone is a disassembly framework. In versions 6.0.0-Alpha5 and prior, an unchecked vsnprintf return in SStream_concat lets a malicious cs_opt_mem.vsnprintf drive SStream’s index negative or past the end, leading to a stack buffer underflow/overflow when the next write occurs.

  • CVE-2025-67873Dec 17, 2025
    affected < 4.0.2-slfo.1.1_2.1fixed 4.0.2-slfo.1.1_2.1

    Capstone is a disassembly framework. In versions 6.0.0-Alpha5 and prior, Skipdata length is not bounds-checked, so a user-provided skipdata callback can make cs_disasm/cs_disasm_iter memcpy more than 24 bytes into cs_insn.bytes, causing a heap buffer overflow in the disassembly p