Buffer Over-read when receiving IPv6 packets with incorrect payload length...

5.3 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N

Description

A missing validation check in FreeRTOS-Plus-TCP's IPv6 packet processing code can lead to an out-of-bounds read when receiving a IPv6 packet with incorrect payload lengths in the packet header. This issue only affects applications using IPv6.

We recommend users upgrade to the latest version and ensure any forked or derivative code is patched to incorporate the new fixes.

Basic Information

ID CVE-2025-11617

Source AMZN

Published Oct 10, 2025 at 17:10

Modified Oct 10, 2025 at 17:28

Affected Product

Vendor AWS

Product FreeRTOS-Plus-TCP

Version 4.0.0

Affected Versions AWS FreeRTOS-Plus-TCP 4.0.0

CWE Classification

CWE-126

References

{
    "lastseen": "",
    "description": "A missing validation check in FreeRTOS-Plus-TCP's IPv6 packet processing code can lead to an out-of-bounds read when receiving a IPv6 packet with incorrect payload lengths in the packet header.\u00a0This issue only affects applications using IPv6.\n\nWe recommend users upgrade to the latest version and ensure any forked or derivative code is patched to incorporate the new fixes.",
    "published": "2025-10-10T17:10:30.901Z",
    "modified": "2025-10-10T17:28:56.298Z",
    "type": "cve",
    "title": "Buffer Over-read when receiving IPv6 packets with incorrect payload length in FreeRTOS-Plus-TCP",
    "source": "AMZN",
    "references": "https://github.com/FreeRTOS/FreeRTOS-Plus-TCP/releases/tag/V4.3.4\nhttps://aws.amazon.com/security/security-bulletins/AWS-2025-023/\nhttps://github.com/FreeRTOS/FreeRTOS-Plus-TCP/security/advisories/GHSA-wmjr-wm93-cvv2",
    "id": "CVE-2025-11617",
    "bulletinFamily": "",
    "cwe": [
        "CWE-126"
    ],
    "cvelist": null,
    "sourceData": "AWS FreeRTOS-Plus-TCP 4.0.0",
    "sourceHref": "",
    "cvss": {
        "score": 5.3,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "FreeRTOS-Plus-TCP",
    "version": "4.0.0",
    "vendor": "AWS",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Buffer Over-read when receiving IPv6 packets with incorrect payload length in FreeRTOS-Plus-TCP_CVE-2025-11617