Key Vulnerability Information

Title: libcoap < 4.3.5 Stack-Based Buffer Overflow in Address Resolution (DoS or Potential RCE)
Severity: HIGH
Published: December 31, 2025
Affected Versions: libcoap < 4.3.5, prior to commit 30db3ea
Vulnerability ID: CVE-2025-34468
CWE Classification: CWE-121 Stack-based Buffer Overflow
CVSS Score: CVSS v3.0 Base Score: 8.1 (AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N)
References:
  - Vulnerability GitHub PR
  - Vulnerability GitHub Patch Commit
  - libcoap Product Webpage
Author: SecMate

Description

libcoap versions up to and including 4.3.5, prior to commit 30db3ea, contain a stack-based buffer overflow in address resolution: attacker-controlled hostname data is copied into a fixed 256-byte stack buffer without proper bounds checking. A remote attacker can trigger a crash and potentially achieve remote code execution, depending on compiler options and runtime memory protections. Exploitation requires the proxy logic to be enabled (i.e., the proxy request handling code path in an application using libcoap).
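The defensive pattern the fix relies on is a length check before any untrusted hostname reaches a fixed-size stack buffer. The following is an added illustration written for this page, not libcoap's code and not the patched function; the function names are hypothetical, and only the 256-byte buffer size is taken from the advisory.

```c
#include <stddef.h>
#include <string.h>

/* Illustrative hardening for this advisory: the untrusted hostname is
 * length-checked before it is copied into a fixed-size stack buffer.
 * Hypothetical code, not libcoap's; the 256-byte size mirrors the buffer
 * the advisory describes. */
#define HOSTNAME_BUF_LEN 256

/* Copies src (src_len bytes, not necessarily NUL-terminated) into dst and
 * NUL-terminates it. Returns 1 on success, 0 if the hostname plus its
 * terminator does not fit. Never writes more than dst_len bytes. */
static int copy_hostname_bounded(char *dst, size_t dst_len,
                                 const char *src, size_t src_len) {
    if (dst == NULL || src == NULL || dst_len == 0) {
        return 0;
    }
    if (src_len >= dst_len) {   /* would overflow, reject instead */
        dst[0] = '\0';
        return 0;
    }
    memcpy(dst, src, src_len);
    dst[src_len] = '\0';
    return 1;
}

/* Hypothetical resolution step: the hostname is validated before it
 * touches the 256-byte stack buffer. Returns 1 if accepted, 0 if rejected.
 * A real implementation would pass buf on to the resolver after the copy. */
int resolve_host_checked(const char *host, size_t host_len) {
    char buf[HOSTNAME_BUF_LEN];
    if (!copy_hostname_bounded(buf, sizeof buf, host, host_len)) {
        return 0;               /* oversized input: no overflow, no crash */
    }
    return 1;
}

/* Demonstration helper: builds a constructed hostname of n 'a' characters
 * (n must be below 1024) and runs it through the checked path.
 * Returns -1 if n is out of range for the scratch buffer. */
int check_hostname_of_length(size_t n) {
    char tmp[1024];
    if (n >= sizeof tmp) {
        return -1;
    }
    memset(tmp, 'a', n);
    tmp[n] = '\0';
    return resolve_host_checked(tmp, n);
}
```

The boundary case worth noting is 255 versus 256 bytes: 255 characters plus the terminator fill the buffer exactly and are accepted, while 256 or more are rejected before any copy happens.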