CVE-2025-11617— Buffer Over-read when receiving IPv6 packets with incorrect payload length in FreeRTOS-Plus-TCP

CVSS 5.4 · Medium EPSS 0.06% · P18 Updated Oct 11, 2025

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2025-11617

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

Buffer Over-read when receiving IPv6 packets with incorrect payload length in FreeRTOS-Plus-TCP

Source: NVD (National Vulnerability Database)

Vulnerability Description

A missing validation check in FreeRTOS-Plus-TCP's IPv6 packet processing code can lead to an out-of-bounds read when receiving a IPv6 packet with incorrect payload lengths in the packet header. This issue only affects applications using IPv6. We recommend users upgrade to the latest version and ensure any forked or derivative code is patched to incorporate the new fixes.

Source: NVD (National Vulnerability Database)

CVSS Information

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L

Source: NVD (National Vulnerability Database)

Vulnerability Type

缓冲区上溢读取

Source: NVD (National Vulnerability Database)

Vulnerability Title

FreeRTOS-Plus-TCP 安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

FreeRTOS-Plus-TCP是FreeRTOS开源的一种适用于 FreeRTOS 的可扩展的开源和线程安全 TCP/IP 堆栈。 FreeRTOS-Plus-TCP存在安全漏洞，该漏洞源于IPv6数据包处理代码缺少验证检查，可能导致越界读取。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
AWS	FreeRTOS-Plus-TCP	4.0.0 ~ 4.3.4	-

II. Public POCs for CVE-2025-11617

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2025-11617

请登录查看更多情报信息。

Same Patch Batch · AWS · 2025-10-10 · 3 CVEs total

CVE-2025-11616	5.4 MEDIUM	Buffer Over-read when receiving improperly sized ICMPv6 packets in FreeRTOS-Plus-TCP
CVE-2025-11618	4.3 MEDIUM	Invalid Pointer Dereference when receiving UDP/IPv6 packets in FreeRTOS-Plus-TCP

IV. Related Vulnerabilities

Same product: FreeRTOS-Plus-TCP

Same vendor: AWS

Same weakness: CWE-126

V. Comments for CVE-2025-11617

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2025-11617— Buffer Over-read when receiving IPv6 packets with incorrect payload length in FreeRTOS-Plus-TCP

I. Basic Information for CVE-2025-11617

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2025-11617

III. Intelligence Information for CVE-2025-11617

Same Patch Batch · AWS · 2025-10-10 · 3 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2025-11617

Leave a comment