CVE-2025-40843
Published 2025-10-28
Priority: P3 · Severity: high · CVSS 3.1 base score 7.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS: 0.17% (percentile 7.1)
CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy.
CodeChecker versions up to 6.26.1 contain a buffer overflow vulnerability in the internal ldlogger library, which is loaded by the CodeChecker log command when it records a build.
This issue affects CodeChecker: through 6.26.1.
Affected (3 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ericsson | codechecker | < 6.26.2 | 6.26.2 |
| ericsson | codechecker | <= 6.26.1 | — |
| ericsson | codechecker | >= 0 < 6.26.2 | 6.26.2 |
OSV (2025-09-22)
CVE-2025-40843 [MEDIUM] CodeChecker has a buffer overflow in the log command
### Summary
CodeChecker versions up to 6.26.1 contain a buffer overflow vulnerability in the internal `ldlogger` library, which is executed by the `CodeChecker log` command.
### Details
Unsafe use of the `strcpy()` function in the internal `ldlogger` library allows a local attacker to trigger a buffer overflow by supplying crafted input on the command line. Specifically, the destination buffer is stack-allocated with a fixed size of 4096 bytes, and `strcpy()` is called without any length check, so input of 4096 bytes or more (counting the terminating NUL) overruns the buffer.
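To make the bug class concrete, the following C program is added here as an illustration; it is a hypothetical reconstruction of the pattern the advisory describes, not CodeChecker's own `ldlogger` source. It places the unchecked `strcpy()` into a 4096-byte stack buffer beside a bounds-checked replacement, and shows why the 4090-byte payload the PoC builds fits on its own: something else must bring the copied string to 4096 bytes or more, and the page's script is cut off before the command that would do so. All function names, and the constructed 'A' payload, are assumptions of this example.

```c
#include <stdlib.h>
#include <string.h>

/* Size of the fixed stack buffer described in the advisory. */
#define LOGGER_BUF_SIZE 4096

/*
 * Vulnerable pattern (hypothetical reconstruction, not CodeChecker's code):
 * a fixed-size stack buffer filled with strcpy() and no length check.
 * Any argument of LOGGER_BUF_SIZE bytes or more, counting the NUL,
 * writes past the end of buf.
 */
int log_arg_unsafe(const char *arg)
{
    char buf[LOGGER_BUF_SIZE];
    strcpy(buf, arg);                 /* no bound: overflow if strlen(arg) >= 4096 */
    return (int)strlen(buf);
}

/*
 * Hardened replacement: measure first, reject anything that does not fit
 * together with its NUL terminator, then copy an exact byte count.
 * Returns the number of bytes copied, or -1 when the input is rejected.
 */
int log_arg_checked(const char *arg, char *out, size_t outsz)
{
    size_t n = strlen(arg);
    if (n >= outsz)                   /* need n + 1 bytes including the NUL */
        return -1;
    memcpy(out, arg, n + 1);
    return (int)n;
}

/* True when an argument of arglen bytes would overrun the 4096-byte buffer. */
int would_overflow(size_t arglen)
{
    return arglen + 1 > LOGGER_BUF_SIZE;
}

/* Constructed payload of `len` 'A' bytes, like the advisory's PoC. Caller frees. */
char *make_payload(size_t len)
{
    char *p = malloc(len + 1);
    if (p == NULL)
        return NULL;
    memset(p, 'A', len);
    p[len] = '\0';
    return p;
}

/* Run a payload of `len` bytes through the checked copy into a stack buffer of
 * the advisory's size. Returns bytes copied, -1 if rejected, -2 on allocation failure. */
int try_checked(size_t len)
{
    char buf[LOGGER_BUF_SIZE];
    char *p = make_payload(len);
    if (p == NULL)
        return -2;
    int r = log_arg_checked(p, buf, sizeof buf);
    free(p);
    return r;
}

int main(void)
{
    /* The PoC's 4090-byte payload fits; a 4096-byte one is rejected instead of overflowing. */
    return (try_checked(4090) == 4090 && try_checked(4096) == -1) ? 0 : 1;
}
```

The checked variant is the shape of fix to look for in 6.26.2: the length test happens before any byte is written, and the comparison uses `>=` so the terminator is accounted for. `log_arg_unsafe()` is kept only to show the pattern; never call it with untrusted input.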
### PoC
The example script below illustrates how the overflow can be triggered. As reproduced on this page it is truncated after the payload is built; the command that passes the payload to `ldlogger` is not shown.
```bash
#!/bin/bash
# Environment flag the PoC sets before invoking the logger.
export CC_LOGGER_DEF_DIRS=1;
# Build a 4090-byte string of 'A's to feed to the unchecked strcpy().
payload=''; for i in $(seq 1 4090); do payload+='A'; done
```
GHSA (2025-09-22)
CVE-2025-40843 [MEDIUM] CWE-121 (stack-based buffer overflow) CodeChecker has a buffer overflow in the log command
Advisory body identical to the OSV entry above.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.