CVE-2025-66646— RIOT 代码问题漏洞

RIOT-OS has NULL pointer dereference in gnrc_ipv6_ext_frag_reass

RIOT is an open-source microcontroller operating system, designed to match the requirements of Internet of Things (IoT) devices and other embedded devices. A vulnerability was discovered in the IPv6 fragmentation reassembly implementation of RIOT OS v2025.07. When receiving an fragmented IPv6 packet with fragment offset 0 and an empty payload, the payload pointer is set to NULL. However, the implementation still tries to copy the payload into the reassembly buffer, resulting in a NULL pointer dereference which crashes the OS (DoS). To trigger the vulnerability, the `gnrc_ipv6_ext_frag` module must be enabled and the attacker must be able to send arbitrary IPv6 packets to the victim. RIOT OS v2025.10 fixes the issue.

N/A

空指针解引用

RIOT 代码问题漏洞

RIOT是RIOT开源的一套应用于物联网领域的操作系统。 RIOT v2025.07版本存在代码问题漏洞，该漏洞源于IPv6分片重组实现存在空指针取消引用，可能导致操作系统崩溃。

N/A

N/A