PT-2025-41583 · Unknown · Freertos-Plus-Tcp

Ivan Gotovchits · Published 2025-10-10 · Updated 2025-10-11 · CVE-2025-11617

CVSS v2.0: 5.5 Medium
Vector: AV:N/AC:L/Au:S/C:P/I:N/A:P
Name of the Vulnerable Software and Affected Versions: FreeRTOS-Plus-TCP (affected versions not specified)
Description: A validation flaw exists in the IPv6 packet processing code of FreeRTOS-Plus-TCP. This flaw can result in an out-of-bounds read when processing IPv6 packets containing incorrect payload lengths in the packet header. The issue is specific to applications utilizing IPv6.
Recommendations: Upgrade to the latest version. Ensure any forked or derivative code is patched to incorporate the new fixes.
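
The kind of check the description refers to, as an added example: the IPv6 Payload Length field is compared with the bytes actually received before any payload is read. This is not FreeRTOS-Plus-TCP code; the names `ipv6_check_length` and `make_packet` are hypothetical and the sample packets are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#define IPV6_HEADER_LEN 40u

typedef enum {
    IPV6_OK = 0,
    IPV6_ERR_TRUNCATED_HEADER,  /* fewer than 40 bytes received */
    IPV6_ERR_BAD_VERSION,       /* version nibble is not 6 */
    IPV6_ERR_LENGTH_MISMATCH    /* header claims more payload than was received */
} ipv6_check_t;

/* Validate the Payload Length field (bytes 4-5, big-endian) against the number
 * of bytes actually received. On success, *payload_len bytes are safe to read
 * from pkt + IPV6_HEADER_LEN. Jumbograms (RFC 2675) are out of scope here. */
ipv6_check_t ipv6_check_length(const uint8_t *pkt, size_t received, size_t *payload_len)
{
    if (pkt == NULL || payload_len == NULL || received < IPV6_HEADER_LEN)
        return IPV6_ERR_TRUNCATED_HEADER;
    if ((pkt[0] >> 4) != 6u)
        return IPV6_ERR_BAD_VERSION;
    size_t declared = ((size_t)pkt[4] << 8) | pkt[5];
    /* Compare against what remains after the header: a subtraction that cannot wrap. */
    if (declared > received - IPV6_HEADER_LEN)
        return IPV6_ERR_LENGTH_MISMATCH;
    /* Bytes past the declared length (e.g. link-layer padding) are ignored. */
    *payload_len = declared;
    return IPV6_OK;
}

/* Constructed sample: 40-byte header claiming `declared` bytes, `actual` bytes present. */
size_t make_packet(uint8_t *buf, size_t actual, uint16_t declared)
{
    memset(buf, 0, IPV6_HEADER_LEN + actual);
    buf[0] = 0x60;                       /* version 6 */
    buf[4] = (uint8_t)(declared >> 8);
    buf[5] = (uint8_t)(declared & 0xff);
    buf[6] = 59;                         /* Next Header: No Next Header */
    return IPV6_HEADER_LEN + actual;
}

int main(void)
{
    uint8_t buf[128];
    size_t n, len = 0;
    n = make_packet(buf, 8, 8);    printf("honest: %d\n", (int)ipv6_check_length(buf, n, &len));
    n = make_packet(buf, 8, 1000); printf("inflated: %d\n", (int)ipv6_check_length(buf, n, &len));
    return 0;
}
```

Code that later parses extension headers or upper-layer data should bound every read by the returned `payload_len`, not by the raw header field.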

Fix

Buffer Over-read


Weakness Enumeration

Related Identifiers

BDU:2025-13130
CVE-2025-11617
GHSA-WMJR-WM93-CVV2

Affected Products

Freertos-Plus-Tcp