anonhaven
Ad

CVE-2025-40843

MEDIUM CVSS 3.1: 5.9 EPSS 0.02%
Updated Nov 14, 2025
Ericsson
Parameter Value
CVSS 5.9 (MEDIUM)
Affected Versions before 6.26.2
Fixed In 6.26.2
Type CWE-121 (Stack-based Buffer Overflow)
Vendor Ericsson
Public PoC No

CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy. CodeChecker versions up to 6.26.1 contain a buffer overflow vulnerability in the internal ldlogger library, which is executed by the CodeChecker log command. This issue affects CodeChecker: through 6.26.1.

Attack Parameters

Attack Vector
Local
Requires local access
Attack Complexity
Low
Easy to exploit
Privileges Required
None
No privileges needed
User Interaction
None
No user interaction needed

Impact Assessment

Confidentiality
Low
Partial data leak
Integrity
Low
Partial data modification
Availability
Low
Partial disruption

CVSS Vector v3.1

Weakness Type (CWE)

CWE-121 Stack-based Buffer Overflow

Vulnerable Products 1

Configuration From (including) Up to (excluding)
Ericsson Codechecker
cpe:2.3:a:ericsson:codechecker:*:*:*:*:*:*:*:*
 6.26.2

References 1

https://github.com/Ericsson/codechecker/security/advisories/GHSA-5xf2-f6ch-6p8r
85b1779b-6ecd-4f52-bcc5-73eac4659dcf
Share Post Share Share Share

Related Vulnerabilities

CVE-2025-40842

Ericsson

8.5

CVE-2025-40841

Ericsson

5.1

CVE-2025-27260

Ericsson

7.2

CVE-2025-1300

Ericsson

6.1

CVE-2024-53829

Ericsson

8.2