CVE-2025-34297
HIGHmborgerding/kissfft < 1b083165 - Heap Buffer Overflow via Integer Overflow in kiss_fft_alloc
Title source: llmDescription
KissFFT versions prior to the fix commit 1b083165 contain an integer overflow in kiss_fft_alloc() in kiss_fft.c on platforms where size_t is 32-bit. The nfft parameter is not validated before being used in a size calculation (sizeof(kiss_fft_cpx) * (nfft - 1)), which can wrap to a small value when nfft is large. As a result, malloc() allocates an undersized buffer and the subsequent twiddle-factor initialization loop writes nfft elements, causing a heap buffer overflow. This vulnerability only affects 32-bit architectures.
References (3)
Core 3
Core References
Third Party Advisory third-party-advisory
https://www.vulncheck.com/advisories/kissfft-integer-overflow-heap-buffer-overflow
Issue Tracking issue-tracking
https://github.com/mborgerding/kissfft/issues/120
Scores
CVSS v4
8.6
EPSS
0.0015
EPSS Percentile
4.6%
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
no
Technical Impact
total
Details
CWE
CWE-190
Status
published
Products (2)
mborgerding/kissfft/mborgerding/kissfft
< 1b08316582049c3716154caefc0deab8758506e3
mborgerding/kissfft/mborgerding/kissfft
< commit 1b083165
Published
Dec 01, 2025
Tracked Since
Feb 18, 2026