rpm package
suse/capstone&distro=SUSE Linux Micro 6.1
pkg:rpm/suse/capstone&distro=SUSE%20Linux%20Micro%206.1
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-68114 | — | < 4.0.2-slfo.1.1_2.1 | 4.0.2-slfo.1.1_2.1 | Dec 17, 2025 | Capstone is a disassembly framework. In versions 6.0.0-Alpha5 and prior, an unchecked vsnprintf return in SStream_concat lets a malicious cs_opt_mem.vsnprintf drive SStream’s index negative or past the end, leading to a stack buffer underflow/overflow when the next write occurs. | ||
| CVE-2025-67873 | — | < 4.0.2-slfo.1.1_2.1 | 4.0.2-slfo.1.1_2.1 | Dec 17, 2025 | Capstone is a disassembly framework. In versions 6.0.0-Alpha5 and prior, Skipdata length is not bounds-checked, so a user-provided skipdata callback can make cs_disasm/cs_disasm_iter memcpy more than 24 bytes into cs_insn.bytes, causing a heap buffer overflow in the disassembly p |
- CVE-2025-68114Dec 17, 2025affected < 4.0.2-slfo.1.1_2.1fixed 4.0.2-slfo.1.1_2.1
Capstone is a disassembly framework. In versions 6.0.0-Alpha5 and prior, an unchecked vsnprintf return in SStream_concat lets a malicious cs_opt_mem.vsnprintf drive SStream’s index negative or past the end, leading to a stack buffer underflow/overflow when the next write occurs.
- CVE-2025-67873Dec 17, 2025affected < 4.0.2-slfo.1.1_2.1fixed 4.0.2-slfo.1.1_2.1
Capstone is a disassembly framework. In versions 6.0.0-Alpha5 and prior, Skipdata length is not bounds-checked, so a user-provided skipdata callback can make cs_disasm/cs_disasm_iter memcpy more than 24 bytes into cs_insn.bytes, causing a heap buffer overflow in the disassembly p