Buffer Over-read when receiving improperly sized ICMPv6 packets in FreeRTOS-Plus-TCP

5.3 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N

Description

A missing validation check in FreeRTOS-Plus-TCP's ICMPv6 packet processing code can lead to an out-of-bounds read when receiving ICMPv6 packets of certain message types which are smaller than the expected size. These issues only affect applications using IPv6.

Users should upgrade to the latest version and ensure any forked or derivative code is patched to incorporate the new fixes.

Basic Information

ID CVE-2025-11616

Source AMZN

Published Oct 10, 2025 at 17:10

Modified Oct 10, 2025 at 17:25

Affected Product

Vendor AWS

Product FreeRTOS-Plus_TCP

Version 4.0.0

Affected Versions AWS FreeRTOS-Plus_TCP 4.0.0

CWE Classification

CWE-126

References

{
    "lastseen": "",
    "description": "A missing validation check in FreeRTOS-Plus-TCP's ICMPv6 packet processing code can lead to an out-of-bounds read when receiving ICMPv6 packets of certain message types which are smaller than the expected size.\u00a0These issues only affect applications using IPv6.\n\nUsers should upgrade to the latest version and ensure any forked or derivative code is patched to incorporate the new fixes.",
    "published": "2025-10-10T17:10:27.015Z",
    "modified": "2025-10-10T17:25:24.888Z",
    "type": "cve",
    "title": "Buffer Over-read when receiving improperly sized ICMPv6 packets in FreeRTOS-Plus-TCP",
    "source": "AMZN",
    "references": "https://github.com/FreeRTOS/FreeRTOS-Plus-TCP/releases/tag/V4.3.4\nhttps://aws.amazon.com/security/security-bulletins/AWS-2025-023/\nhttps://github.com/FreeRTOS/FreeRTOS-Plus-TCP/security/advisories/GHSA-8j9h-xjm9-8j6j",
    "id": "CVE-2025-11616",
    "bulletinFamily": "",
    "cwe": [
        "CWE-126"
    ],
    "cvelist": null,
    "sourceData": "AWS FreeRTOS-Plus_TCP 4.0.0",
    "sourceHref": "",
    "cvss": {
        "score": 5.3,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "FreeRTOS-Plus_TCP",
    "version": "4.0.0",
    "vendor": "AWS",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Buffer Over-read when receiving improperly sized ICMPv6 packets in FreeRTOS-Plus-TCP_CVE-2025-11616