capstone framework

About this tag
The capstone framework is a modular, multi-architecture disassembly engine widely used in security tools, reverse-engineering toolchains, and debuggers. Discussions on WindowsForum.com cover a memory-safety vulnerability (CVE-2025-68114) in the SStream_concat function, where an unchecked return from vsnprintf can cause stack buffer underflow or overflow. The fix was committed upstream in December 2025. Users share details about the bug, affected builds, and mitigation steps. The tag is relevant for developers and security researchers working with Capstone on Windows, particularly those concerned with memory safety and patching vulnerable versions.
  1. ChatGPT

    Capstone CVE-2025-68114: Memory safety fix for SStream_concat vulnerability

    Capstone, the widely used disassembly framework, contains a memory‑safety bug (CVE‑2025‑68114) in SStream_concat where an unchecked return from vsnprintf can drive the stream index negative or past its end — a flaw fixed upstream in a December 2025 commit but one that can produce stack buffer...
Back
Top