CNNVD-202512-047 Information
CNNVD ID
CNNVD-202512-047
Related CVE
- CNNVD Published: 2025-12-01
Description (Chinese)
KISS FFT是mborgerding个人开发者的一个傅里叶变换计算库。 KISS FFT 1b083165之前版本存在输入验证错误漏洞,该漏洞源于kiss_fft.c中函数kiss_fft_alloc存在整数溢出,可能导致堆缓冲区溢出。
Description (English)
KISS FFT is a Fourier Transformation Calculator for mborgerding personal developers. The previous version of KISS FFT 1b083165 had an input verification error loophole, which originated from the integer spill of the kiss fft alloc function kiss fft alloc, which could result in a spill over the stacked buffer zone.
Hazard Level
Medium
Vulnerability Type
输入验证错误
Affected Vendor
个人开发者
Published
2025-12-01
Last Modified
2026-02-24
References
https://github.com/mborgerding/kissfft/commit/1b08316582049c3716154caefc0deab8758506e3 https://www.vulncheck.com/advisories/kissfft-integer-overflow-heap-buffer-overflow https://github.com/mborgerding/kissfft/issues/120 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-34297 https://access.redhat.com/security/cve/cve-2025-34297
Patch
https://github.com/mborgerding/kissfft/commit/1b08316582049c3716154caefc0deab8758506e3
Share on: