CVE-2016-7151Out-of-bounds Read in Capstone

CWE-125Out-of-bounds Read5 documents4 sources
Severity
5.5MEDIUMNVD
EPSS
0.3%
top 45.82%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Capstone-engine CapstoneDebian Capstone
Timeline
PublishedMay 15
Latest updateMay 24

Description

Capstone 3.0.4 has an out-of-bounds vulnerability (SEGV caused by a read memory access) in X86_insn_reg_intel in arch/X86/X86Mapping.c.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages4 packages

debiandebian/capstone< capstone 4.0.2-2 (bookworm)
Debiancapstone-engine/capstone< 4.0.2-2+3

Patches

Patch: github.comPatch: github.com

🔴Vulnerability Details

3
GHSA
Capstone SEGV caused by a read memory access2022-05-24
OSV
Capstone SEGV caused by a read memory access2022-05-24
OSV
CVE-2016-7151: Capstone 32019-05-15

📋Vendor Advisories

1
Debian
CVE-2016-7151: capstone - Capstone 3.0.4 has an out-of-bounds vulnerability (SEGV caused by a read memory ...2016