{"id":"CVE-2017-6952","details":"Integer overflow in the cs_winkernel_malloc function in winkernel_mm.c in Capstone 3.0.4 and earlier allows attackers to cause a denial of service (heap-based buffer overflow in a kernel driver) or possibly have unspecified other impact via a large value.","aliases":["GHSA-3v99-hpv7-9hh9","PYSEC-2017-113"],"modified":"2026-04-11T04:14:41.809809Z","published":"2017-03-16T21:59:00.167Z","references":[{"type":"WEB","url":"http://www.securityfocus.com/bid/97323"},{"type":"FIX","url":"https://github.com/aquynh/capstone/commit/6fe86eef621b9849f51a5e1e5d73258a93440403"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/capstone-engine/capstone","events":[{"introduced":"0"},{"last_affected":"e710e4fcf40302c25d7bdc28da93571a61f21f5d"},{"fixed":"6fe86eef621b9849f51a5e1e5d73258a93440403"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"3.0.4"}]}}],"versions":["1.0","2.0","2.0-rc1","2.1","2.1.1","2.1.2","3.0","3.0.1","3.0.1-rc1","3.0.1-rc2","3.0.2","3.0.4","3.0.5-rc1","3.0.5-rc2"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-6952.json","vanir_signatures_modified":"2026-04-11T04:14:41Z","vanir_signatures":[{"digest":{"line_hashes":["331421095236088974240939207082651457896","26141748944074518931480929965628406728","95820818226443039693097938414962905137","116558242482712798238222381980312680457","299763978166784540046880263981008656968","115219685334755051106185114443715803301","9152360951771229736369403315931431559"],"threshold":0.9},"source":"https://github.com/capstone-engine/capstone/commit/6fe86eef621b9849f51a5e1e5d73258a93440403","signature_type":"Line","target":{"file":"windows/winkernel_mm.c"},"signature_version":"v1","deprecated":false,"id":"CVE-2017-6952-14b41878"},{"digest":{"function_hash":"39689219605772159528049114784671918225","length":271},"source":"https://github.com/capstone-engine/capstone/commit/6fe86eef621b9849f51a5e1e5d73258a93440403","signature_type":"Function","target":{"function":"cs_winkernel_malloc","file":"windows/winkernel_mm.c"},"signature_version":"v1","deprecated":false,"id":"CVE-2017-6952-9f1e2663"}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}]}