CVE-2025-67873Heap-based Buffer Overflow in Capstone

CWE-122Heap-based Buffer Overflow7 documents7 sources
Severity
7.8HIGHNVD
EPSS
0.0%
top 93.76%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
6
Capstone-engine CapstoneDebian CapstoneMsrc Azl3 Rust 1.75.0-22 ON Azure Linux 3.0+3 more
Timeline
PublishedDec 17

Description

Capstone is a disassembly framework. In versions 6.0.0-Alpha5 and prior, Skipdata length is not bounds-checked, so a user-provided skipdata callback can make cs_disasm/cs_disasm_iter memcpy more than 24 bytes into cs_insn.bytes, causing a heap buffer overflow in the disassembly path. Commit cbef767ab33b82166d263895f24084b75b316df3 fixes the issue.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages8 packages

debiandebian/capstone< capstone 5.0.7-1 (forky)
Debiancapstone-engine/capstone< 5.0.7-1~deb13u1+1
CVEListV5capstone-engine/capstone6.0.0-Alpha5

Patches

Patch: github.com

🔴Vulnerability Details

1
OSV
CVE-2025-67873: Capstone is a disassembly framework2025-12-17

📋Vendor Advisories

3
Red Hat
capstone: Capstone: Heap buffer overflow via skipdata callback allows denial of service or arbitrary code execution.2025-12-17
Microsoft
Capstone doesn't check Skipdata length, leading to cs_insn.bytes heap buffer overflow2025-12-09
Debian
CVE-2025-67873: capstone - Capstone is a disassembly framework. In versions 6.0.0-Alpha5 and prior, Skipdat...2025

🕵️Threat Intelligence

1
Wiz
CVE-2025-67873 Impact, Exploitability, and Mitigation Steps | Wiz

💬Community

1
Bugzilla
CVE-2025-67873 capstone: Capstone: Heap buffer overflow via skipdata callback allows denial of service or arbitrary code execution.2025-12-17