capstone-4.0.2-11.el9_7

エラータID: AXSA:2026-346:01

Release date: 
Saturday, March 21, 2026 - 18:17
Subject: 
capstone-4.0.2-11.el9_7
Affected Channels: 
MIRACLE LINUX 9 for x86_64
Severity: 
High
Description: 

Capstone is a disassembly framework with the target of becoming the ultimate disasm engine for binary analysis and reversing in the security community.

Security Fix(es):

* capstone: Capstone: Memory corruption via unchecked vsnprintf return (CVE-2025-68114)
* capstone: Capstone: Heap buffer overflow via skipdata callback allows denial of service or arbitrary code execution. (CVE-2025-67873)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2025-67873
Capstone is a disassembly framework. In versions 6.0.0-Alpha5 and prior, Skipdata length is not bounds-checked, so a user-provided skipdata callback can make cs_disasm/cs_disasm_iter memcpy more than 24 bytes into cs_insn.bytes, causing a heap buffer overflow in the disassembly path. Commit cbef767ab33b82166d263895f24084b75b316df3 fixes the issue.
CVE-2025-68114
Capstone is a disassembly framework. In versions 6.0.0-Alpha5 and prior, an unchecked vsnprintf return in SStream_concat lets a malicious cs_opt_mem.vsnprintf drive SStream’s index negative or past the end, leading to a stack buffer underflow/overflow when the next write occurs. Commit 2c7797182a1618be12017d7d41e0b6581d5d529e fixes the issue.

Solution: 

Update packages.

CVEs: 
CVE-2025-67873
Capstone is a disassembly framework. In versions 6.0.0-Alpha5 and prior, Skipdata length is not bounds-checked, so a user-provided skipdata callback can make cs_disasm/cs_disasm_iter memcpy more than 24 bytes into cs_insn.bytes, causing a heap buffer overflow in the disassembly path. Commit cbef767ab33b82166d263895f24084b75b316df3 fixes the issue.
CVE-2025-68114
Capstone is a disassembly framework. In versions 6.0.0-Alpha5 and prior, an unchecked vsnprintf return in SStream_concat lets a malicious cs_opt_mem.vsnprintf drive SStream’s index negative or past the end, leading to a stack buffer underflow/overflow when the next write occurs. Commit 2c7797182a1618be12017d7d41e0b6581d5d529e fixes the issue.
Additional Info: 

N/A

Download: 

SRPMS
  1. capstone-4.0.2-11.el9_7.src.rpm
    MD5: 0e1cf273096500775fe389d16f9b9336
    SHA-256: 07d61c87198afd94c669fcb8ee381ed993a587f94442bdbbe82afabb6cc8b16f
    Size: 3.17 MB

Asianux Server 9 for x86_64
  1. capstone-4.0.2-11.el9_7.i686.rpm
    MD5: 7db1a8bd9065c8078e36859e355a1142
    SHA-256: e127ddb418c99551024b9ffaab4df3d08d03dffb21751a37ad1c6dcb7e57df39
    Size: 758.83 kB
  2. capstone-4.0.2-11.el9_7.x86_64.rpm
    MD5: 1ba114a3fe8d493ac727fed67f1e7319
    SHA-256: 2ab9fb4fec93270ef44e7135356d1960789bccaa259b027b8138b7ab2356b363
    Size: 754.92 kB
  3. capstone-devel-4.0.2-11.el9_7.i686.rpm
    MD5: ee5e623676440288439c23a7c6514572
    SHA-256: 3276e68d10f898e4a8ac26d6127a2cc2d9fe7e4a088b486527a93a841575060d
    Size: 53.85 kB
  4. capstone-devel-4.0.2-11.el9_7.x86_64.rpm
    MD5: 226cf78ff594ba0c1b285f3a0fe1ec96
    SHA-256: b39c964bffa3be9eae15cdea471e5ed6b6196c655b3dd3357a7bdfe6840367f8
    Size: 53.86 kB
  5. capstone-java-4.0.2-11.el9_7.noarch.rpm
    MD5: bfe895ccc9308834305d15c3a5941d3f
    SHA-256: eab3f6d676ce8105bcd699d12026f643c726c1a00b331180d2c1204786e81921
    Size: 108.48 kB
  6. python3-capstone-4.0.2-11.el9_7.x86_64.rpm
    MD5: 59180ac5ceaee55aa465686bece2fdb7
    SHA-256: 695b516604fbd513cf8881e69e59ac5fbf5a95ac14f60a27f4ba3a02f9c3c20e
    Size: 1.29 MB