0Xkato

#24624 of 53,630
9.8 Total CVSS
Vulnerabilities · 1
PT-2026-23408
9.8
2026-03-05
Unknown · Dns Unpack Name · CVE-2026-1678
**Name of the Vulnerable Software and Affected Versions**

Zephyr RTOS (affected versions not specified)

**Description**

The `dns_unpack_name()` function improperly manages buffer space when appending DNS labels, leading to a potential out-of-bounds write. Specifically, the function caches the buffer tailroom and reuses it, but this cached size becomes inaccurate as the buffer grows. When assertions are disabled (the default configuration), a crafted malicious DNS response can trigger this issue when `CONFIG_DNS_RESOLVER` is enabled. The issue involves writing past the buffer's boundaries when attempting to add the final null terminator. This could potentially lead to remote code execution (RCE) on IoT devices.

**Recommendations**

At the moment, there is no information about a newer version that contains a fix for this vulnerability.
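The stale-tailroom pattern described above, reduced to a self-contained model for code review: this is an added example, not Zephyr's code. The `lbuf` struct, `reserve()`, `unpack_labels()` and the sample labels are hypothetical, and the model reports a would-be overflow instead of performing the write.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define BUF_SIZE 16
/* Hypothetical toy buffer; not Zephyr's net_buf API. */
struct lbuf { unsigned char data[BUF_SIZE]; size_t len; };
enum result { UNPACK_OK = 0, UNPACK_REJECTED = -1, UNPACK_OOB = 1 };

/* Constructed input: two 7-byte labels plus dots fill all 16 bytes. */
static const char *const FULL_NAME[] = { "aaaaaaa", "bbbbbbb" };

static size_t tailroom(const struct lbuf *b) { return BUF_SIZE - b->len; }

/* Check `need` bytes; use_cached trusts the stale pre-append tailroom. */
static enum result reserve(const struct lbuf *b, size_t need,
                           size_t cached, int use_cached)
{
    if (need > (use_cached ? cached : tailroom(b)))
        return UNPACK_REJECTED;  /* the bounds check fired */
    if (need > tailroom(b))
        return UNPACK_OOB;       /* check passed, write would overflow */
    return UNPACK_OK;
}

/* Append each label plus '.', then the final NUL terminator. */
enum result unpack_labels(struct lbuf *b, const char *const *labels,
                          size_t n, int use_cached)
{
    size_t cached = tailroom(b); /* captured once; stale once len grows */
    enum result r;
    for (size_t i = 0; i < n; i++) {
        size_t l = strlen(labels[i]);
        if ((r = reserve(b, l + 1, cached, use_cached)) != UNPACK_OK)
            return r;
        memcpy(b->data + b->len, labels[i], l);
        b->data[b->len + l] = '.';
        b->len += l + 1;
    }
    if ((r = reserve(b, 1, cached, use_cached)) == UNPACK_OK)
        b->data[b->len++] = '\0';
    return r;
}

int main(void)
{
    struct lbuf a = { .len = 0 }, b = { .len = 0 };
    printf("cached check: %d\n", unpack_labels(&a, FULL_NAME, 2, 1));
    printf("fresh check:  %d\n", unpack_labels(&b, FULL_NAME, 2, 0));
    return 0;
}
```

With the cached value, the check for the terminator still sees 16 free bytes after the buffer is full; recomputing the tailroom before every write rejects the same input.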