PT-2025-41584 · Unknown · Freertos-Plus-Tcp
Ivan Gotovchits
·
Published
2025-10-10
·
Updated
2025-10-11
·
CVE-2025-11618
CVSS v4.0
5.3
Medium
| Vector | AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
Name of the Vulnerable Software and Affected Versions
FreeRTOS-Plus-TCP (affected versions not specified)
Description
A missing validation check in the UDP/IPv6 packet processing code can lead to an invalid pointer dereference when receiving a UDP/IPv6 packet with an incorrect IP version field in the packet header. This issue only affects applications using IPv6.
Recommendations
Upgrade to the latest version and ensure any forked or derivative code is patched to incorporate the new fixes.
Fix
NULL Pointer Dereference
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Freertos-Plus-Tcp