CVE-2025-34458— wb2osz/direwolf <= 1.8.1 Reachable Assertion DoS
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2025-34458
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
wb2osz/direwolf <= 1.8.1 Reachable Assertion DoS
Source: NVD (National Vulnerability Database)
Vulnerability Description
wb2osz/direwolf (Dire Wolf) versions up to and including 1.8, prior to commit 3658a87, contain a reachable assertion vulnerability in the APRS MIC-E decoder function aprs_mic_e() located in src/decode_aprs.c. When processing a specially crafted AX.25 frame containing a MIC-E message with an empty or truncated comment field, the application triggers an unhandled assertion checking for a non-empty comment. This assertion failure causes immediate process termination, allowing a remote, unauthenticated attacker to cause a denial of service by sending malformed APRS traffic.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
可达断言
Source: NVD (National Vulnerability Database)
Vulnerability Title
Dire Wolf 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Dire Wolf是wb2osz个人开发者的一个软件无线电调制解调器。 Dire Wolf 1.8及之前版本存在安全漏洞,该漏洞源于APRS MIC-E解码器存在可达断言漏洞,可能导致拒绝服务。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
II. Public POCs for CVE-2025-34458
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2025-34458
请登录查看更多情报信息。
- wb2osz/direwolf <= 1.8.1 Reachable Assertion DoS | Advisories | VulnCheckthird-party-advisory
- https://nvd.nist.gov/vuln/detail/CVE-2025-34458
IV. Related Vulnerabilities
Same weakness: CWE-617
- CVE-2026-8257
WebAssembly Binaryen BrOn wasm-ir-builder.cpp makeBrOn asser - CVE-2026-41584
ZEBRA: rk Identity Point Panic in Transaction Verification - CVE-2026-20450
MediaTek Chipsets 安全漏洞 - CVE-2026-41485
Kyverno Controller Denial of Service via forEach Mutation Pa - CVE-2026-34067
nimiq-transaction vulnerable to panic via `HistoryTreeProof`
V. Comments for CVE-2025-34458
No comments yet