PT-2026-33804 · Kissfft · Kissfft
Sajeeb Lohani +1 · Published 2026-04-20 · Updated 2026-04-30 · CVE-2026-41445
CVSS v3.1: 8.8 (High)
Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
KissFFT versions prior to commit 8a8e66e
Description
An integer overflow occurs in the kiss_fftndr_alloc() function within kiss_fftndr.c. The allocation size calculation dimOther*(dimReal+2)*sizeof(kiss_fft_scalar) overflows signed 32-bit integer arithmetic before being widened to size_t, leading to the allocation of an undersized buffer via malloc(). An attacker can trigger a heap buffer overflow by providing crafted dimensions that cause the multiplication to exceed INT_MAX, enabling writes beyond the allocated buffer region when kiss_fftndr() processes the data.
Recommendations
Update to commit 8a8e66e or a newer version.
As a temporary workaround, consider restricting the input dimensions used in the kiss_fftndr_alloc() function to prevent the calculation from exceeding the maximum value of a signed 32-bit integer.
Fix
Integer Overflow
Heap Based Buffer Overflow
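The temporary workaround under Recommendations, sketched as a caller-side check; this is an added example, not code from kissfft or from this advisory. It assumes kiss_fft_scalar is float and that dimReal is the last entry of dims with dimOther the product of the rest; fftndr_checked_bytes is a hypothetical helper name.

```c
#include <limits.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Assumption: kiss_fft_scalar is float; change this if the library is built otherwise. */
typedef float scalar_t;

/* Hypothetical caller-side guard, to run before kiss_fftndr_alloc().
 * Assumption: dimReal is the last entry of dims, dimOther the product of the rest.
 * Evaluates dimOther*(dimReal+2)*sizeof(scalar) in 64-bit arithmetic and returns
 * the byte count only if every step fits in a signed 32-bit int; 0 means reject. */
size_t fftndr_checked_bytes(const int *dims, int ndims)
{
    int64_t dim_other = 1, elems;
    int i;

    if (dims == NULL || ndims < 1)
        return 0;
    for (i = 0; i < ndims; i++)
        if (dims[i] <= 0)
            return 0;                       /* zero or negative sizes are never valid */
    for (i = 0; i < ndims - 1; i++) {
        dim_other *= dims[i];               /* both factors <= INT_MAX, so no 64-bit wrap */
        if (dim_other > INT_MAX)
            return 0;
    }
    elems = dim_other * ((int64_t)dims[ndims - 1] + 2);
    if (elems > INT_MAX / (int64_t)sizeof(scalar_t))
        return 0;                           /* byte count would exceed INT_MAX */
    return (size_t)elems * sizeof(scalar_t);
}

int main(void)
{
    /* Constructed sample inputs. */
    const int small[] = {64, 64, 128};
    const int edge[]  = {32768, 16382};     /* 32768 * 16384 * 4 = INT_MAX + 1 */

    printf("small: %zu bytes\n", fftndr_checked_bytes(small, 3));
    printf("edge:  %zu (0 = rejected)\n", fftndr_checked_bytes(edge, 2));
    return 0;
}
```

A caller would refuse to invoke kiss_fftndr_alloc() whenever the helper returns 0; updating to commit 8a8e66e or newer remains the actual fix.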
Related Identifiers
Affected Products
Kissfft