Skip to content

CVE v5 backports #2835

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
Rot127 merged 2 commits into from
Dec 29, 2025
Merged

CVE v5 backports #2835

Rot127 merged 2 commits into from
Dec 29, 2025
+26 −6

Conversation

@Rot127
Copy link
Collaborator

@Rot127 Rot127 commented Dec 17, 2025

Your checklist for this pull request

  • I've documented or updated the documentation of every API function and struct this PR changes.
  • I've added tests that prove my fix is effective or that my feature works (if possible)

Detailed description

Backports the fixes for CVE-2025-68114 and CVE-2025-67873 reported by @Finder16.

2c77971
cbef767

Test plan

All green

Closing issues

...

@Rot127
Backport of 2c77971 to v5 branch.
6e6c5b0 
* Check return value of cs_vsnprintf for negative values.

This prevents underflow of SStream.index.
This bug was reported by Github user Finder16.

* Add overflow check before adding cs_vsnprintf return value.
@Rot127
Backport of cbef767 into v5.
c4167e1 
The overflow was reported by Github user Finder16
@Rot127 Rot127 merged commit 4d90b13 into capstone-engine:v5 Dec 29, 2025
16 of 17 checks passed
@Rot127 Rot127 deleted the cve-v5-backports branch December 29, 2025 14:11
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@Rot127