CVE-2016-7151

EUVD-2019-0161
Capstone 3.0.4 has an out-of-bounds vulnerability (SEGV caused by a read memory access) in X86_insn_reg_intel in arch/X86/X86Mapping.c.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.5 MEDIUM
LOCAL
LOW
NONE
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 53%
Affected Products (NVD)
VendorProductVersion
capstone-enginecapstone
3.0.4
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
capstone
bookworm
4.0.2-5
fixed
bullseye
4.0.2-3
fixed
buster
no-dsa
jessie
not-affected
sid
4.0.2-5.1
fixed
stretch
no-dsa
trixie
4.0.2-5.1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
capstone
bionic
needed
cosmic
ignored
disco
ignored
eoan
ignored
focal
needed
groovy
ignored
hirsute
ignored
impish
ignored
jammy
needed
kinetic
ignored
lunar
ignored
mantic
ignored
noble
needed
trusty
dne
xenial
needed
Common Weakness Enumeration
References
https://github.com/aquynh/capstone/commit/87a25bb543c8e4c09b48d4b4a6c7db31ce58df06
https://github.com/aquynh/capstone/pull/725
https://github.com/aquynh/capstone/commit/87a25bb543c8e4c09b48d4b4a6c7db31ce58df06
https://github.com/aquynh/capstone/pull/725