FreeRTOS-Plus-TCP
cpe:2.3:a:amazon:freertos-plus-tcp:*:*:*:*:*:*:*
- >= 4.0.0, <= 4.3.3
A buffer over-read vulnerability has been identified in FreeRTOS-Plus-TCP's ICMPv6 packet processing. The issue stems from a missing validation check: when certain ICMPv6 message types arrive in packets shorter than the size the parser expects, it reads beyond the received data. The vulnerability affects applications using IPv6 and is present in FreeRTOS-Plus-TCP versions 4.0.0 prior to 4.3.3.
Exploitation results in a buffer over-read, in which the application reads memory past the end of the received packet buffer. An attacker who can deliver such packets could potentially disclose sensitive information from memory or cause a denial of service by crashing the application.
Users are advised to upgrade to FreeRTOS-Plus-TCP version 4.3.4, which addresses this vulnerability by implementing the necessary validation checks. For those using forked or derivative versions of the code, it is important to incorporate these fixes.
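The kind of length check such a fix adds, shown here as an added illustration that is not FreeRTOS-Plus-TCP's own code: a small C routine compares the received ICMPv6 length against the fixed-part size each message type requires (values from RFC 4443 and RFC 4861) before any type-specific field is read. The function and constant names, the status enum and the constructed sample packet are this example's own assumptions, not identifiers from the project.

```c
/* Added example (not FreeRTOS-Plus-TCP code): validate the length of an
 * ICMPv6 message before reading any field past the 4-byte common header.
 * Fixed-part sizes follow RFC 4443 (echo) and RFC 4861 (NDP); the names
 * icmpv6_min_len()/icmpv6_validate() and icmpv6_status_t are assumptions. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* ICMPv6 type codes (RFC 4443, RFC 4861). */
#define ICMPV6_ECHO_REQUEST            128u
#define ICMPV6_ECHO_REPLY              129u
#define ICMPV6_ROUTER_SOLICITATION     133u
#define ICMPV6_ROUTER_ADVERTISEMENT    134u
#define ICMPV6_NEIGHBOR_SOLICITATION   135u
#define ICMPV6_NEIGHBOR_ADVERTISEMENT  136u

#define ICMPV6_HEADER_LEN 4u   /* type(1) + code(1) + checksum(2) */

typedef enum {
    ICMPV6_OK = 0,
    ICMPV6_TOO_SHORT = -1,     /* packet shorter than its type's fixed part */
    ICMPV6_UNKNOWN_TYPE = -2   /* type not handled by this example */
} icmpv6_status_t;

/* Fixed-part length (header included) that each handled type must carry.
 * Returns 0 for types this example does not know. */
size_t icmpv6_min_len(uint8_t type) {
    switch (type) {
        case ICMPV6_ECHO_REQUEST:
        case ICMPV6_ECHO_REPLY:             return 8;  /* hdr + identifier + sequence */
        case ICMPV6_ROUTER_SOLICITATION:    return 8;  /* hdr + reserved */
        case ICMPV6_ROUTER_ADVERTISEMENT:   return 16; /* hdr + hoplimit/flags/lifetime + reachable + retrans */
        case ICMPV6_NEIGHBOR_SOLICITATION:  return 24; /* hdr + reserved + 16-byte target */
        case ICMPV6_NEIGHBOR_ADVERTISEMENT: return 24; /* hdr + flags/reserved + 16-byte target */
        default:                            return 0;
    }
}

/* Check `len` against the type's fixed part before dereferencing any
 * type-specific offset. A parser that instead did `memcpy(target, buf + 8, 16)`
 * straight after reading buf[0] is the over-read pattern the advisory
 * describes: on a 12-byte packet it would read 20 bytes past the data.
 * On success, for NS/NA messages the 16-byte target address is copied into
 * `target` when it is non-NULL. */
icmpv6_status_t icmpv6_validate(const uint8_t *buf, size_t len, uint8_t target[16]) {
    if (buf == NULL || len < ICMPV6_HEADER_LEN) {
        return ICMPV6_TOO_SHORT;            /* cannot even read the type byte safely */
    }
    uint8_t type = buf[0];
    size_t need = icmpv6_min_len(type);
    if (need == 0) {
        return ICMPV6_UNKNOWN_TYPE;
    }
    if (len < need) {
        return ICMPV6_TOO_SHORT;            /* the validation the fix introduces */
    }
    if (target != NULL &&
        (type == ICMPV6_NEIGHBOR_SOLICITATION || type == ICMPV6_NEIGHBOR_ADVERTISEMENT)) {
        memcpy(target, buf + 8, 16);        /* safe: len >= 24 established above */
    }
    return ICMPV6_OK;
}

int main(void) {
    /* Constructed sample: a Neighbor Solicitation truncated to 12 bytes,
     * i.e. the 16-byte target address is only partly present. */
    uint8_t truncated_ns[12] = { ICMPV6_NEIGHBOR_SOLICITATION, 0, 0, 0,
                                 0, 0, 0, 0, 0xfe, 0x80, 0, 0 };
    uint8_t target[16];
    icmpv6_status_t st = icmpv6_validate(truncated_ns, sizeof truncated_ns, target);
    printf("truncated NS: %s\n", st == ICMPV6_OK ? "accepted" : "rejected");
    return 0;
}
```

The check is deliberately placed before the type-specific parse rather than inside each handler, so a new message type cannot be added later without also declaring its minimum length; a packet whose type is unknown is rejected rather than parsed by a default path.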