关联漏洞
标题:
Libxmp 安全漏洞
(CVE-2025-47256)
描述:Libxmp是Libxmp开源的一个将模块文件呈现为PCM数据的库。 Libxmp 4.6.2及之前版本存在安全漏洞,该漏洞源于loaders/prowizard/pha.c中depack_pha存在栈缓冲区溢出。
描述
Stack overflow in LibXMP
介绍
# CVE-2025-47256
Stack overflow in LibXMP
# Description
A stack-based buffer overflow vulnerability exists in the depack_pha() function of libxmp, a library for module music playback. The vulnerability is triggered when parsing malformed Pha Packer (PHA) module files.
Improper bounds checking on a local stack buffer allows an attacker to write data outside the bounds of the array, potentially leading to denial-of-service (DoS), and in certain conditions, remote code execution (RCE).
Build:
`gcc -g -O0 -I./libxmp/include poc.c poc_data.h ./libxmp/lib/libxmp.a -lm -lz -o poc_crasher`
# Vulnerability Type
Stack Buffer Overflow
# Vendor
libxmp project
GitHub: https://github.com/libxmp/libxmp
Issue: https://github.com/libxmp/libxmp/issues/847
# Affected Component
src/loaders/prowizard/pha.c
Function: depack_pha()
# Impacts
Denial of Service (DoS)
Potential Remote Code Execution (RCE) under specific build or runtime conditions
# Attack Vectors
An attacker can craft a malicious .mod or .pha file in Pha Packer format and feed it to any application linked with libxmp. The malformed file causes a stack buffer overflow during pattern parsing in depack_pha().
# Vendor Acknowledgment
This issue is in the process of being reported to the libxmp maintainers via GitHub Issues.
# Discoverer
Gareth C - https://www.anchorsec.co.uk
文件快照
[4.0K] /data/pocs/9da81f425b3e1d793c93f0b02454cf07852bf90f
├── [ 720] poc.c
├── [158K] poc_data.h
└── [1.3K] README.md
0 directories, 3 files
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。