245 matches found
CVE-2026-7423 Integer Underflow in ICMP Echo Reply Processing in FreeRTOS-Plus-TCP
Integer underflow in the ICMP and ICMPv6 echo reply handlers in FreeRTOS-Plus-TCP before V4.4.1 and V4.2.6 allows an adjacent network user to cause a denial of service device crash when outgoing ping support is enabled, because header sizes are subtracted from a packet length field without...
EUVD-2026-26276
Integer underflow in the ICMP and ICMPv6 echo reply handlers in FreeRTOS-Plus-TCP before V4.4.1 and V4.2.6 allows an adjacent network user to cause a denial of service device crash when outgoing ping support is enabled, because header sizes are subtracted from a packet length field without...
CVE-2026-7422 MAC Address Validation Bypass in FreeRTOS-Plus-TCP IPv4 and IPv6 Packet Processing
Insufficient packet validation in FreeRTOS-Plus-TCP before V4.2.6 and V4.4.1 allows an adjacent network actor to bypass all checksum and minimum-size validation by spoofing the Ethernet source MAC address to match one of the device's own registered endpoints, because the loopback detection...
CVE-2026-7422 MAC Address Validation Bypass in FreeRTOS-Plus-TCP IPv4 and IPv6 Packet Processing
Insufficient packet validation in FreeRTOS-Plus-TCP before V4.2.6 and V4.4.1 allows an adjacent network actor to bypass all checksum and minimum-size validation by spoofing the Ethernet source MAC address to match one of the device's own registered endpoints, because the loopback detection...
EUVD-2026-26275
Insufficient packet validation in FreeRTOS-Plus-TCP before V4.2.6 and V4.4.1 allows an adjacent network actor to bypass all checksum and minimum-size validation by spoofing the Ethernet source MAC address to match one of the device's own registered endpoints, because the loopback detection...
CVE-2026-7422
CVE-2026-7422 affects FreeRTOS-Plus-TCP; insufficient packet validation in IPv4/IPv6 processing (before V4.2.6 and V4.4.1) allows an adjacent attacker to bypass checksum and minimum-size checks by spoofing the Ethernet source MAC to a local endpoint, since loopback-detection skips validation for ...
FreeRTOS-Plus-TCP 数字错误漏洞
FreeRTOS-Plus-TCP is an extensible, open-source TCP/IP stack designed for use with FreeRTOS. Versions prior to 4.4.1 and 4.2.6 of FreeRTOS-Plus-TCP contained a numerical error vulnerability. This vulnerability stemmed from integer overflows in the ICMP and ICMPv6 echo reply handlers, which could...
FreeRTOS-Plus-TCP 缓冲区错误漏洞
FreeRTOS-Plus-TCP is an extensible, open-source TCP/IP stack designed for use with FreeRTOS. Versions prior to V4.2.6 and V4.4.1 of FreeRTOS-Plus-TCP contained a buffer error vulnerability. This vulnerability stemmed from insufficient validation of the prefix length field during IPv6 router...
PT-2026-35980
Insufficient validation of the prefix length field in IPv6 Router Advertisement processing in FreeRTOS-Plus-TCP before V4.2.6 and V4.4.1 allows an adjacent network actor to cause memory corruption by sending a crafted Router Advertisement with a prefix length value exceeding the maximum valid...
FreeRTOS-Plus-TCP 安全漏洞
FreeRTOS-Plus-TCP is an extensible, open-source TCP/IP stack designed for use with FreeRTOS. Security vulnerabilities existed in versions prior to V4.2.6 and V4.4.1 of FreeRTOS-Plus-TCP. These vulnerabilities stemmed from insufficient data packet validation, allowing adjacent network participants...
PT-2026-35979
Insufficient option length validation in the IPv6 Router Advertisement parser in FreeRTOS-Plus-TCP before V4.2.6 and V4.4.1 allows an adjacent network actor to cause a denial of service device crash by sending a crafted Router Advertisement with a truncated PREFIX INFORMATION option that is small...
FreeRTOS-Plus-TCP 数字错误漏洞
FreeRTOS-Plus-TCP is an extensible, open-source, and thread-safe TCP/IP stack designed for use with FreeRTOS. Versions prior to V4.4.1 and V4.2.6 of FreeRTOS-Plus-TCP contained a numerical error vulnerability. This vulnerability stemmed from integer underflow in the DHCPv6 sub-option parser, whic...
FreeRTOS-Plus-TCP 缓冲区错误漏洞
FreeRTOS-Plus-TCP is an extensible, open-source TCP/IP stack designed for use with FreeRTOS. Versions prior to V4.2.6 and V4.4.1 of FreeRTOS-Plus-TCP contained a buffer error vulnerability. This vulnerability stemmed from insufficient option length validation in the IPv6 router advertisement...
PT-2026-35974
Name of the Vulnerable Software and Affected Versions FreeRTOS-Plus-TCP versions prior to V4.4.1 FreeRTOS-Plus-TCP versions prior to V4.2.6 Description An integer underflow exists in the ICMP and ICMPv6 echo reply handlers when outgoing ping support is enabled. This occurs because header sizes ar...
PT-2026-35973
Name of the Vulnerable Software and Affected Versions FreeRTOS-Plus-TCP versions prior to 4.2.6 FreeRTOS-Plus-TCP versions prior to 4.4.1 Description Insufficient packet validation allows an adjacent network actor to bypass checksum and minimum-size validation. This occurs because the loopback...
Exploit for CVE-2025-5688
CVE-2025-5688 – FreeRTOS-Plus-TCP Out-of-Bounds Write Exploit...
CVE-2021-31571
The kernel in Amazon Web Services FreeRTOS before 10.4.3 has an integer overflow in queue.c for queue creation...
CVE-2025-11618
A missing validation check in FreeRTOS-Plus-TCP's UDP/IPv6 packet processing code can lead to an invalid pointer dereference when receiving a UDP/IPv6 packet with an incorrect IP version field in the packet header. This issue only affects applications using IPv6. We recommend upgrading to the...
CVE-2025-11617
A missing validation check in FreeRTOS-Plus-TCP's IPv6 packet processing code can lead to an out-of-bounds read when receiving a IPv6 packet with incorrect payload lengths in the packet header. This issue only affects applications using IPv6. We recommend users upgrade to the latest version and...
CVE-2025-11618
A missing validation check in FreeRTOS-Plus-TCP's UDP/IPv6 packet processing code can lead to an invalid pointer dereference when receiving a UDP/IPv6 packet with an incorrect IP version field in the packet header. This issue only affects applications using IPv6. We recommend upgrading to the...