PT-2025-51920 · Capstone+2

Finder16 · Published 2025-12-17 · Updated 2026-04-07 · CVE-2025-67873

CVSS v3.1: 7.8 (High)

Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions

Capstone versions 6.0.0-Alpha5 and prior

Description

Capstone, a disassembly framework, does not properly validate the skipdata length. A user-provided skipdata callback can trigger a heap buffer overflow in the disassembly path by causing cs_disasm/cs_disasm_iter to write beyond the memory allocated for cs_insn.bytes, that is, more than 24 bytes. The cause is insufficient bounds checking.

Recommendations

Update to a version later than 6.0.0-Alpha5.
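The length check the description says is missing, modelled here as an added example; it is not Capstone's code and not the upstream fix. struct model_insn, emit_skipdata and skip_rest are hypothetical names, the input buffer is constructed, and rejecting an oversized length instead of clamping it is this example's choice.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define INSN_BYTES_MAX 24 /* capacity of cs_insn.bytes, per the advisory */

/* Same shape as a Capstone skipdata callback: returns the number of bytes to skip. */
typedef size_t (*skipdata_cb)(const uint8_t *code, size_t code_size,
                              size_t offset, void *user_data);

/* Hypothetical stand-in for cs_insn, reduced to the fields the check touches. */
struct model_insn {
    uint16_t size;
    uint8_t bytes[INSN_BYTES_MAX];
};

/* Constructed callback: reports everything left in the buffer as data. */
static size_t skip_rest(const uint8_t *code, size_t code_size,
                        size_t offset, void *user_data)
{
    (void)code; (void)user_data;
    return code_size - offset;
}

/* Store one skipdata record. Returns the bytes consumed, or 0 when the
 * callback's length is unusable (assumption: reject, do not clamp). */
static size_t emit_skipdata(struct model_insn *insn, const uint8_t *code,
                            size_t code_size, size_t offset,
                            skipdata_cb cb, void *user_data)
{
    if (offset >= code_size)
        return 0;
    size_t n = cb(code, code_size, offset, user_data);
    /* n must fit both the remaining input and the fixed-size bytes[] field. */
    if (n == 0 || n > code_size - offset || n > sizeof(insn->bytes))
        return 0;
    memcpy(insn->bytes, code + offset, n);
    insn->size = (uint16_t)n;
    return n;
}

int main(void)
{
    uint8_t code[64] = {0}; /* constructed input */
    struct model_insn insn = {0};
    printf("offset 0: %zu, offset 48: %zu\n",
           emit_skipdata(&insn, code, sizeof code, 0, skip_rest, NULL),
           emit_skipdata(&insn, code, sizeof code, 48, skip_rest, NULL));
    return 0;
}
```

Code that registers its own skipdata callback with an affected Capstone version can apply the same upper bound inside the callback until the library is updated.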

Exploit

Fix

Heap Based Buffer Overflow

Weakness Enumeration

Related Identifiers

ALSA-2026:4898
ALSA-2026:6817
AZL-72700
AZL-72818
AZL-74915
BDU:2026-04944
CVE-2025-67873
GHSA-HJ6G-V545-V7JG
RHSA-2026:12781
RHSA-2026:13923
RHSA-2026:4898
RHSA-2026:5123
RHSA-2026:5124
RHSA-2026:5125
RHSA-2026:5224
RHSA-2026:6817
SUSE-SU-2026:0060-1
SUSE-SU-2026:20054-1
SUSE-SU-2026:20868-1

Affected Products

Capstone
Debian
Rocky Linux