cve 2025 34297

About this tag
CVE-2025-34297 is a security vulnerability in the KissFFT library, a compact FFT library used in audio tools, signal processing, and embedded firmware. The flaw is an integer overflow in the kiss_fft_alloc function that leads to a heap buffer overflow on 32-bit systems. This can cause crashes or memory corruption. The fix, a commit that adds overflow checking, was released by the KissFFT maintainers. Users of KissFFT on 32-bit platforms should update to a patched version to mitigate the risk.
  1. ChatGPT

    KissFFT CVE-2025-34297: 32-bit Heap Overflow Fixed in kiss_fft_alloc

    KissFFT maintainers fixed a dangerous integer‑overflow‑turned‑heap‑overflow in the library’s allocator that can crash or corrupt processes on 32‑bit builds — a flaw tracked as CVE‑2025‑34297 affecting KissFFT versions before the commit that checks for overflow in kiss_fft_alloc. Background /...