CentSDR Stack Overflow Vulnerability in Thread1 Function
Vulnerability
A stack overflow vulnerability has been identified in the CentSDR project, specifically in the Thread1 function of commit e40795. The vulnerability arises from a fixed stack allocation of 128 bytes, which is insufficient for the worst-case call chain that may require approximately 224 bytes of stack space under certain configurations. This mismatch can lead to a stack overflow during execution.
Impact
Exploitation of this vulnerability may cause a system crash or result in undefined behavior.
Reproduction
To reproduce this vulnerability, enable stack usage analysis by adding '-fstack-usage' to the compiler flags. After building the project, inspect the generated '.su' files to observe that the Thread1 call chain exceeds the allocated stack size.
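The check described above can be scripted. The following is an added example, not code from the CentSDR project: it parses GCC '.su' lines and sums the frames along a call chain against the 128-byte allocation. Only the name Thread1 and the 128-byte figure come from this advisory; the other function names, file names and frame sizes are constructed sample values, and the call chain must be supplied by hand because '.su' files list per-function frames only.

```python
from typing import Dict, List, NamedTuple

class Frame(NamedTuple):
    size: int        # bytes of stack used by the function's own frame
    qualifier: str   # "static", "dynamic" or "dynamic,bounded"

def parse_su(text: str) -> Dict[str, Frame]:
    """Parse GCC .su lines: <file>:<line>:<col>:<function> TAB <bytes> TAB <qualifier>."""
    frames: Dict[str, Frame] = {}
    for line in text.splitlines():
        parts = line.strip().split("\t")
        if len(parts) != 3 or not parts[1].isdigit():
            continue  # skip blank or malformed lines
        name = parts[0].rsplit(":", 1)[-1]  # C identifiers contain no ':'
        frames[name] = Frame(int(parts[1]), parts[2])
    return frames

def check_chain(frames: Dict[str, Frame], chain: List[str], allocated: int) -> dict:
    """Sum the frames along one call chain and compare with the thread's stack size."""
    missing = [f for f in chain if f not in frames]
    if missing:
        raise KeyError("no .su entry for: " + ", ".join(missing))
    total = sum(frames[f].size for f in chain)
    # A plain "dynamic" frame (alloca, VLA) has no compile-time bound, so the
    # total is then only a lower bound on real usage.
    unbounded = [f for f in chain if frames[f].qualifier == "dynamic"]
    return {"total": total, "margin": allocated - total,
            "overflow": total > allocated, "unbounded": unbounded}

# Constructed sample input: names other than Thread1 and all sizes are
# hypothetical, not measured from a CentSDR build.
SAMPLE_SU = (
    "main.c:210:1:Thread1\t40\tstatic\n"
    "display.c:88:6:draw_screen\t72\tstatic\n"
    "display.c:40:6:draw_text\t64\tstatic\n"
    "font.c:12:6:blit_glyph\t48\tstatic\n"
)
CHAIN = ["Thread1", "draw_screen", "draw_text", "blit_glyph"]  # hypothetical chain
ALLOCATED = 128  # bytes allocated to Thread1, per the advisory

if __name__ == "__main__":
    r = check_chain(parse_su(SAMPLE_SU), CHAIN, ALLOCATED)
    print(f"chain needs {r['total']} B, allocated {ALLOCATED} B, margin {r['margin']} B")
```

The sum covers only frames of C functions compiled with '-fstack-usage', so a real margin should also leave room for anything else that uses the thread's stack.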
