15 matches found
Medium: capstone
Issue Overview: Capstone is a disassembly framework. In versions 6.0.0-Alpha5 and prior, an unchecked vsnprintf return in SStreamconcat lets a malicious csoptmem.vsnprintf drive SStream's index negative or past the end, leading to a stack buffer underflow/overflow when the next write occurs. Comm...
Amazon Linux 2 : capstone, --advisory ALAS2-2026-3351 (ALAS-2026-3351)
The version of capstone installed on the remote host is prior to 3.0.5-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3351 advisory. Capstone is a disassembly framework. In versions 6.0.0-Alpha5 and prior, an unchecked vsnprintf return in SStreamconcat lets a...
Medium: capstone
Issue Overview: Capstone is a disassembly framework. In versions 6.0.0-Alpha5 and prior, an unchecked vsnprintf return in SStreamconcat lets a malicious csoptmem.vsnprintf drive SStream's index negative or past the end, leading to a stack buffer underflow/overflow when the next write occurs. Comm...
Amazon Linux 2023 : capstone, capstone-devel, capstone-java (ALAS2023-2026-1772)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1772 advisory. Capstone is a disassembly framework. In versions 6.0.0-Alpha5 and prior, an unchecked vsnprintf return in SStreamconcat lets a malicious csoptmem.vsnprintf drive SStream's index negative or past the en...
capstone security update
An update is available for capstone. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Capstone is a disassembly framework with the target of becoming the ultimat...
Oracle Linux 10 : capstone (ELSA-2026-6817)
The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-6817 advisory. - Fix CVE-2025-67873 heap buffer overflow Resolves: RHEL-141551 Tenable has extracted the preceding description block directly from the Oracle Linux...
SUSE-SU-2026:20868-1 Security update for capstone
This update for capstone fixes the following issues: - CVE-2025-67873: Skipdata length unchecked leads to csinsn.bytes heap buffer overflow bsc1255309. - CVE-2025-68114: Unchecked vsnprintf return in SStreamconcat allows stack buffer overflow bsc1255310...
RHEL 10 : capstone (RHSA-2026:5224)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:5224 advisory. Capstone is a disassembly framework with the target of becoming the ultimate disasm engine for binary analysis and reversing in the securit...
RHEL 9 : capstone (RHSA-2026:5124)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:5124 advisory. Capstone is a disassembly framework with the target of becoming the ultimate disasm engine for binary analysis and reversing in the security...
capstone security update
4.0.2-11 - Fix CVE-2025-68114 memory corruption and CVE-2025-67873 heap buffer overflow Resolves: RHEL-137758...
CVE-2025-68114
creationtimestamp| type| source ---|---|--- 2026-01-08 11:11:59+00:00| seen| https://bsky.app/profile/ferramentaslinux.bsky.social/post/3mbvtx2bytc2l 2026-01-08 11:12:31+00:00| seen| https://bsky.app/profile/ferramentaslinux.bsky.social/post/3mbvtxxidbc2l 2026-01-08 11:33:23+00:00| seen|...
Security update for capstone
This update for capstone fixes the following issues: Security issues fixed: CVE-2025-67873: missing bounds check on user-provided skipdata callback can lead to a heap buffer overflow bsc1255309. CVE-2025-68114: unchecked vsnprintf return value can lead to a stack buffer overflow bsc1255310. Other...
Linux Distros Unpatched Vulnerability : CVE-2025-68114
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Capstone is a disassembly framework. In versions 6.0.0-Alpha5 and prior, an unchecked vsnprintf return in SStreamconcat lets a malicious csoptmem.vsnprintf driv...
AZL-72821 CVE-2025-68114 affecting package capstone 4.0.2-4
Capstone is a disassembly framework. In versions 6.0.0-Alpha5 and prior, an unchecked vsnprintf return in SStreamconcat lets a malicious csoptmem.vsnprintf drive SStream’s index negative or past the end, leading to a stack buffer underflow/overflow when the next write occurs. Commit...
CVE-2025-68114
Capstone is a disassembly framework. In versions 6.0.0-Alpha5 and prior, an unchecked vsnprintf return in SStreamconcat lets a malicious csoptmem.vsnprintf drive SStream’s index negative or past the end, leading to a stack buffer underflow/overflow when the next write occurs. Commit...