PT-2025-48537 · Kissfft · Kissfft
Sajeeb Lohani · Published 2025-12-01 · Updated 2026-03-19 · CVE-2025-34297
CVSS v4.0: 8.6 (High)
Vector: AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Name of the Vulnerable Software and Affected Versions
KissFFT versions prior to commit 1b083165
Description
The software contains an integer overflow in the kiss_fft_alloc() function within the kiss_fft.c file. This occurs on 32-bit platforms where size_t is 32-bit. The nfft parameter is not validated before being used in a size calculation, so the result can wrap to a small value when nfft is large. This leads to malloc() allocating an undersized buffer, and a subsequent initialization loop then writes past the end of that buffer, resulting in a heap buffer overflow.
Recommendations
Update to a version with commit 1b083165 or later.
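The wrap described above can be reproduced with plain 32-bit arithmetic. The following is an added illustration, not KissFFT's code or the upstream patch: the function names, HDR_SIZE and ELEM_SIZE are assumptions chosen for the example, and uint32_t stands in for a 32-bit size_t so the behaviour is the same on any host.

```c
#include <stdint.h>
#include <stdio.h>

/* Assumed sizes for illustration; the real struct layout is not on the page. */
#define HDR_SIZE  264u  /* hypothetical fixed state header, in bytes */
#define ELEM_SIZE 8u    /* hypothetical per-point table entry, in bytes */

/* Unchecked: uint32_t arithmetic models a 32-bit size_t and wraps silently. */
static uint32_t size_unchecked(int nfft)
{
    return HDR_SIZE + ELEM_SIZE * (uint32_t)(nfft - 1);
}

/* Checked: returns 0 and stores the size, or -1 if nfft is not positive
 * or the total would not fit in 32 bits. */
static int size_checked(int nfft, uint32_t *out)
{
    if (nfft <= 0)
        return -1;
    uint32_t extra = (uint32_t)nfft - 1u;
    if (extra > (UINT32_MAX - HDR_SIZE) / ELEM_SIZE)
        return -1;
    *out = HDR_SIZE + ELEM_SIZE * extra;
    return 0;
}

/* Bytes an initialization loop writes when it fills one entry per point. */
static uint64_t bytes_written(int nfft)
{
    return (uint64_t)ELEM_SIZE * (uint64_t)nfft;
}

int main(void)
{
    int nfft = 0x20000001; /* constructed input: 536870913 points */
    uint32_t sz = 0;

    printf("unchecked size: %u bytes\n", (unsigned)size_unchecked(nfft));
    printf("loop writes:    %llu bytes\n",
           (unsigned long long)bytes_written(nfft));
    printf("checked:        %s\n",
           size_checked(nfft, &sz) == 0 ? "accepted" : "rejected");
    return 0;
}
```

The check divides the remaining 32-bit range by the element size instead of multiplying first, so it cannot itself overflow.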
Fix
RCE
Integer Overflow
Affected Products
Kissfft