CNNVD-202512-3191 Information

CNNVD ID

CNNVD-202512-3191

Related CVE

CVE-2025-67873

• CNNVD Published: 2025-12-17

Description (Chinese)

Capstone是美国Capstone公司的一套跨平台的反汇编框架，它可支持用于二进制分析和安全通讯反向工程等。 Capstone 6.0.0-Alpha5及之前版本存在安全漏洞，该漏洞源于Skipdata长度未进行边界检查，可能导致堆缓冲区溢出。

Description (English)

Capstone is a cross-platform counter-compilation framework for the United States company Capstone that supports, for example, binary analysis and secure communications reverse engineering. The security gap in Capstone 6.0.0-Alpha5 and earlier versions stemmed from the lack of border checks on the length of Skipdata, which could result in the spilling out of the buffer zone.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Capstone

Published

2025-12-17

Last Modified

2026-02-24

References

https://github.com/capstone-engine/capstone/commit/cbef767ab33b82166d263895f24084b75b316df3 https://github.com/capstone-engine/capstone/security/advisories/GHSA-hj6g-v545-v7jg