CVE-2025-67873

Name
CVE-2025-67873
Description
Capstone is a disassembly framework. In versions 6.0.0-Alpha5 and prior, Skipdata length is not bounds-checked, so a user-provided skipdata callback can make cs_disasm/cs_disasm_iter memcpy more than 24 bytes into cs_insn.bytes, causing a heap buffer overflow in the disassembly path. Commit cbef767ab33b82166d263895f24084b75b316df3 fixes the issue.
NVD Severity
unknown
Other trackers
Mailing lists
Exploits
Forges
GitHub (code, issues), Aports (code, issues)

References

| Type | URI |
| --- | --- |
| MISC | https://github.com/capstone-engine/capstone/commit/cbef767ab33b82166d263895f24084b75b316df3 |
| CONFIRM | https://github.com/capstone-engine/capstone/security/advisories/GHSA-hj6g-v545-v7jg |

Match rules

| CPE URI | Source package | Min version | Max version |
| --- | --- | --- | --- |
| | capstone | >= 0 | <= 6.0.0-Alpha5 |
| cpe:2.3:a:capstone-engine:capstone:*:*:*:*:*:*:*:* | capstone | >= None | < 6.0.0 |

Vulnerable and fixed packages

| Source package | Branch | Version | Maintainer | Status |
| --- | --- | --- | --- | --- |
| capstone | edge-community | 5.0.6-r0 | Celeste <cielesti@protonmail.com> | possibly vulnerable |
| capstone | edge-community | 5.0.5-r0 | Celeste <cielesti@protonmail.com> | possibly vulnerable |
| capstone | edge-community | 5.0.3-r1 | Celeste <cielesti@protonmail.com> | possibly vulnerable |
| capstone | edge-community | 5.0.3-r0 | Valery Kartel <valery.kartel@gmail.com> | possibly vulnerable |
| capstone | 3.23-community | 5.0.6-r0 | Celeste <cielesti@protonmail.com> | possibly vulnerable |
| capstone | 3.22-community | 5.0.6-r0 | Celeste <cielesti@protonmail.com> | possibly vulnerable |
| capstone | 3.22-community | 5.0.3-r0 | Valery Kartel <valery.kartel@gmail.com> | possibly vulnerable |