Red Hat Product Errata RHSA-2026:5224 - Security Advisory
Issued:
2026-03-23
Updated:
2026-03-23

RHSA-2026:5224 - Security Advisory

Synopsis

Moderate: capstone security update

Type/Severity

Security Advisory: Moderate

Red Hat Lightspeed patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for capstone is now available for Red Hat Enterprise Linux 10.0 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Capstone is a disassembly framework with the target of becoming the ultimate disasm engine for binary analysis and reversing in the security community.

Security Fix(es):

  • capstone: Capstone: Memory corruption via unchecked vsnprintf return (CVE-2025-68114)
  • capstone: Capstone: Heap buffer overflow via skipdata callback allows denial of service or arbitrary code execution. (CVE-2025-67873)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 10.0 x86_64
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 10.0 s390x
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 10.0 ppc64le
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 10.0 aarch64
  • Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 10.0 x86_64
  • Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 10.0 ppc64le
  • Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 10.0 s390x
  • Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 10.0 aarch64
  • Red Hat Enterprise Linux for ARM 64 - 4 years of updates 10.0 aarch64
  • Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 10.0 s390x
  • Red Hat Enterprise Linux for Power, little endian - 4 years of support 10.0 ppc64le
  • Red Hat Enterprise Linux for x86_64 - 4 years of updates 10.0 x86_64

Fixes

  • BZ - 2423416 - CVE-2025-68114 capstone: Capstone: Memory corruption via unchecked vsnprintf return
  • BZ - 2423419 - CVE-2025-67873 capstone: Capstone: Heap buffer overflow via skipdata callback allows denial of service or arbitrary code execution.

Red Hat Enterprise Linux for x86_64 - Extended Update Support 10.0

SRPM
capstone-5.0.1-7.el10_0.src.rpm SHA-256: 9bbe58e4f97addce307f2bac1b740feb8e4e6ecce83a0b877ffbb6584df386c6
x86_64
capstone-5.0.1-7.el10_0.x86_64.rpm SHA-256: 9f5a24a7195e310ae68fcf6c9807ee5280c238183b279e61b5dbc3c50d5c9220
capstone-debuginfo-5.0.1-7.el10_0.x86_64.rpm SHA-256: dba21759f31add53e886c0642e52bac6833ab52d160bf9ddbcd33f55b9a29848
capstone-debugsource-5.0.1-7.el10_0.x86_64.rpm SHA-256: a9e6d3b9d2fe29776d1cdb0fe49f91bf770cfb299523cd3ca362f1757ae4239e

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 10.0

SRPM
capstone-5.0.1-7.el10_0.src.rpm SHA-256: 9bbe58e4f97addce307f2bac1b740feb8e4e6ecce83a0b877ffbb6584df386c6
s390x
capstone-5.0.1-7.el10_0.s390x.rpm SHA-256: 41c5ae871eb3d87126e8e8d7563208f91f3201c89eab656595852c4005ce2597
capstone-debuginfo-5.0.1-7.el10_0.s390x.rpm SHA-256: 9473c363af9144e93fa31b9277ee2b65524a2e4916906f1811eab439fa1c124a
capstone-debugsource-5.0.1-7.el10_0.s390x.rpm SHA-256: 2046dcced918d33c0a64af49c2b3ca229c360203610f04dca2f74f3cd88a7e07

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 10.0

SRPM
capstone-5.0.1-7.el10_0.src.rpm SHA-256: 9bbe58e4f97addce307f2bac1b740feb8e4e6ecce83a0b877ffbb6584df386c6
ppc64le
capstone-5.0.1-7.el10_0.ppc64le.rpm SHA-256: c8c01e7f36cb76622bef2b3b455af8291ca82a53fd4278e623c79d0a5e557484
capstone-debuginfo-5.0.1-7.el10_0.ppc64le.rpm SHA-256: ae70b76ead255fb099cb0bbe894d955be4b762fa1b7525be20b960d52f90c849
capstone-debugsource-5.0.1-7.el10_0.ppc64le.rpm SHA-256: 5844a5d41094216483194f6acabeaf8ed2e07965e343589cc3ad09e6ac6b1a7b

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 10.0

SRPM
capstone-5.0.1-7.el10_0.src.rpm SHA-256: 9bbe58e4f97addce307f2bac1b740feb8e4e6ecce83a0b877ffbb6584df386c6
aarch64
capstone-5.0.1-7.el10_0.aarch64.rpm SHA-256: 4166894790f2da61468b81b4e4640c7666629bb4db8a332cc6d119b2d2e7b7be
capstone-debuginfo-5.0.1-7.el10_0.aarch64.rpm SHA-256: db468882a8da6dad8ed130c5bc05f67e52a0c155b8f725c467dbbcc490503900
capstone-debugsource-5.0.1-7.el10_0.aarch64.rpm SHA-256: b09063d5c8dfcfd6428b0f17b81d7e47c31df01b3f4edb13056dda3c1a53bcde

Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 10.0

SRPM
x86_64
capstone-debuginfo-5.0.1-7.el10_0.x86_64.rpm SHA-256: dba21759f31add53e886c0642e52bac6833ab52d160bf9ddbcd33f55b9a29848
capstone-debugsource-5.0.1-7.el10_0.x86_64.rpm SHA-256: a9e6d3b9d2fe29776d1cdb0fe49f91bf770cfb299523cd3ca362f1757ae4239e
capstone-devel-5.0.1-7.el10_0.x86_64.rpm SHA-256: b5c38ae08056fd3ca08eb0491547d68d272629a8b7519dbe4c8330225b685597
capstone-java-5.0.1-7.el10_0.noarch.rpm SHA-256: 4758074deec5940d42daa08d36587a24072c75a69f92ebeb948151a05bb413c4
python3-capstone-5.0.1-7.el10_0.noarch.rpm SHA-256: a8a7169979bd2244d347aec7474c92ee7773025e3feaa5b9096674b707dc9b2b

Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 10.0

SRPM
ppc64le
capstone-debuginfo-5.0.1-7.el10_0.ppc64le.rpm SHA-256: ae70b76ead255fb099cb0bbe894d955be4b762fa1b7525be20b960d52f90c849
capstone-debugsource-5.0.1-7.el10_0.ppc64le.rpm SHA-256: 5844a5d41094216483194f6acabeaf8ed2e07965e343589cc3ad09e6ac6b1a7b
capstone-devel-5.0.1-7.el10_0.ppc64le.rpm SHA-256: 26b2e1ab0dfef5a7b3c328aeee36ed7f4cadf3cdc85da4450c75e830ca2e27c7
capstone-java-5.0.1-7.el10_0.noarch.rpm SHA-256: 4758074deec5940d42daa08d36587a24072c75a69f92ebeb948151a05bb413c4
python3-capstone-5.0.1-7.el10_0.noarch.rpm SHA-256: a8a7169979bd2244d347aec7474c92ee7773025e3feaa5b9096674b707dc9b2b

Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 10.0

SRPM
s390x
capstone-debuginfo-5.0.1-7.el10_0.s390x.rpm SHA-256: 9473c363af9144e93fa31b9277ee2b65524a2e4916906f1811eab439fa1c124a
capstone-debugsource-5.0.1-7.el10_0.s390x.rpm SHA-256: 2046dcced918d33c0a64af49c2b3ca229c360203610f04dca2f74f3cd88a7e07
capstone-devel-5.0.1-7.el10_0.s390x.rpm SHA-256: ce17644ec0306983ec8e38bfaee598d4d19f719717f4c9bf95e1ae788b3acc5b
capstone-java-5.0.1-7.el10_0.noarch.rpm SHA-256: 4758074deec5940d42daa08d36587a24072c75a69f92ebeb948151a05bb413c4
python3-capstone-5.0.1-7.el10_0.noarch.rpm SHA-256: a8a7169979bd2244d347aec7474c92ee7773025e3feaa5b9096674b707dc9b2b

Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 10.0

SRPM
aarch64
capstone-debuginfo-5.0.1-7.el10_0.aarch64.rpm SHA-256: db468882a8da6dad8ed130c5bc05f67e52a0c155b8f725c467dbbcc490503900
capstone-debugsource-5.0.1-7.el10_0.aarch64.rpm SHA-256: b09063d5c8dfcfd6428b0f17b81d7e47c31df01b3f4edb13056dda3c1a53bcde
capstone-devel-5.0.1-7.el10_0.aarch64.rpm SHA-256: d0e763c1c616cc5e80b58f2de11dcdc0c887b85fae7f115557736c34e93c728b
capstone-java-5.0.1-7.el10_0.noarch.rpm SHA-256: 4758074deec5940d42daa08d36587a24072c75a69f92ebeb948151a05bb413c4
python3-capstone-5.0.1-7.el10_0.noarch.rpm SHA-256: a8a7169979bd2244d347aec7474c92ee7773025e3feaa5b9096674b707dc9b2b

Red Hat Enterprise Linux for ARM 64 - 4 years of updates 10.0

SRPM
capstone-5.0.1-7.el10_0.src.rpm SHA-256: 9bbe58e4f97addce307f2bac1b740feb8e4e6ecce83a0b877ffbb6584df386c6
aarch64
capstone-5.0.1-7.el10_0.aarch64.rpm SHA-256: 4166894790f2da61468b81b4e4640c7666629bb4db8a332cc6d119b2d2e7b7be
capstone-debuginfo-5.0.1-7.el10_0.aarch64.rpm SHA-256: db468882a8da6dad8ed130c5bc05f67e52a0c155b8f725c467dbbcc490503900
capstone-debugsource-5.0.1-7.el10_0.aarch64.rpm SHA-256: b09063d5c8dfcfd6428b0f17b81d7e47c31df01b3f4edb13056dda3c1a53bcde

Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 10.0

SRPM
capstone-5.0.1-7.el10_0.src.rpm SHA-256: 9bbe58e4f97addce307f2bac1b740feb8e4e6ecce83a0b877ffbb6584df386c6
s390x
capstone-5.0.1-7.el10_0.s390x.rpm SHA-256: 41c5ae871eb3d87126e8e8d7563208f91f3201c89eab656595852c4005ce2597
capstone-debuginfo-5.0.1-7.el10_0.s390x.rpm SHA-256: 9473c363af9144e93fa31b9277ee2b65524a2e4916906f1811eab439fa1c124a
capstone-debugsource-5.0.1-7.el10_0.s390x.rpm SHA-256: 2046dcced918d33c0a64af49c2b3ca229c360203610f04dca2f74f3cd88a7e07

Red Hat Enterprise Linux for Power, little endian - 4 years of support 10.0

SRPM
capstone-5.0.1-7.el10_0.src.rpm SHA-256: 9bbe58e4f97addce307f2bac1b740feb8e4e6ecce83a0b877ffbb6584df386c6
ppc64le
capstone-5.0.1-7.el10_0.ppc64le.rpm SHA-256: c8c01e7f36cb76622bef2b3b455af8291ca82a53fd4278e623c79d0a5e557484
capstone-debuginfo-5.0.1-7.el10_0.ppc64le.rpm SHA-256: ae70b76ead255fb099cb0bbe894d955be4b762fa1b7525be20b960d52f90c849
capstone-debugsource-5.0.1-7.el10_0.ppc64le.rpm SHA-256: 5844a5d41094216483194f6acabeaf8ed2e07965e343589cc3ad09e6ac6b1a7b

Red Hat Enterprise Linux for x86_64 - 4 years of updates 10.0

SRPM
capstone-5.0.1-7.el10_0.src.rpm SHA-256: 9bbe58e4f97addce307f2bac1b740feb8e4e6ecce83a0b877ffbb6584df386c6
x86_64
capstone-5.0.1-7.el10_0.x86_64.rpm SHA-256: 9f5a24a7195e310ae68fcf6c9807ee5280c238183b279e61b5dbc3c50d5c9220
capstone-debuginfo-5.0.1-7.el10_0.x86_64.rpm SHA-256: dba21759f31add53e886c0642e52bac6833ab52d160bf9ddbcd33f55b9a29848
capstone-debugsource-5.0.1-7.el10_0.x86_64.rpm SHA-256: a9e6d3b9d2fe29776d1cdb0fe49f91bf770cfb299523cd3ca362f1757ae4239e

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.