PT-2026-7630 · Unknown · Opensatkit

Published 2026-02-11 · Updated 2026-02-12 · CVE-2025-70085

CVSS v3.1: 9.8 Critical

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

OpenSatKit version 2.2.1

Description

The software contains a buffer overflow issue due to the use of sprintf without proper length checking when formatting filenames into the EventErrStr buffer. The EventErrStr buffer is fixed at 256 bytes. The sprintf function is used in functions like FILE_ConcatenateCmd() and ConcatenateFiles() within the file.c file. If the combined length of the formatted filenames and constant text exceeds 256 bytes, a stack buffer overflow occurs. The filenames can approach OS_MAX_PATH_LEN (typically 64-256 bytes) in length, contributing to the overflow.

Recommendations

Update to a newer version that contains a fix for this vulnerability. As a temporary workaround, consider restricting the maximum length of filenames processed by the affected functions.
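The pattern described above and its bounded replacement, as an added C example that is not OpenSatKit's source code. Only the 256-byte buffer size and the use of sprintf come from the advisory; the message text, the function names, g_err and NAME_MAX_LEN are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

#define ERR_STR_LEN  256  /* EventErrStr size given in the advisory */
#define NAME_MAX_LEN 256  /* assumed stand-in for OS_MAX_PATH_LEN */
#define ERR_FMT "Concatenate failed: source1 %s, source2 %s" /* hypothetical text */

char g_err[ERR_STR_LEN];  /* stand-in for EventErrStr */

/* Unsafe pattern from the advisory: sprintf has no output bound, so two long
 * names plus the constant text can write past the end of a 256-byte buffer. */
void format_err_unsafe(char *err, const char *src1, const char *src2)
{
    sprintf(err, ERR_FMT, src1, src2);
}

/* Bounded form. Returns 0 if the whole message fit, -1 if it was truncated
 * or formatting failed. The buffer is NUL-terminated in both cases. */
int format_err_safe(char *err, size_t err_len, const char *src1, const char *src2)
{
    int n;
    if (err == NULL || err_len == 0) return -1;
    n = snprintf(err, err_len, ERR_FMT, src1, src2);
    if (n < 0) { err[0] = '\0'; return -1; }
    return ((size_t)n >= err_len) ? -1 : 0;
}

/* Workaround check: accept a name only if it is NUL-terminated within max
 * bytes and short enough (conservative limit) that two such names plus the
 * constant text of ERR_FMT still fit in ERR_STR_LEN. */
int name_len_ok(const char *name, size_t max)
{
    const char *end = memchr(name, '\0', max);
    return end != NULL && (size_t)(end - name) <= (ERR_STR_LEN - sizeof ERR_FMT) / 2;
}

/* Constructed input: two names of name_len bytes each, formatted safely. */
int demo(size_t name_len)
{
    char a[NAME_MAX_LEN], b[NAME_MAX_LEN];
    if (name_len >= NAME_MAX_LEN) return -2;
    memset(a, 'A', name_len); a[name_len] = '\0';
    memset(b, 'B', name_len); b[name_len] = '\0';
    return format_err_safe(g_err, sizeof g_err, a, b);
}
```

A caller that gets -1 back should treat the event text as incomplete, since the second filename may have been cut off.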

Fix

Stack Overflow

Weakness Enumeration

Related Identifiers

CVE-2025-70085

Affected Products

Opensatkit