CVE-2025-1674Out-of-bounds Read in Zephyr

CWE-125Out-of-bounds ReadCWE-476NULL Pointer Dereference3 documents3 sources
Severity
8.2HIGHNVD
EPSS
0.3%
top 47.16%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Zephyrproject-rtos ZephyrZephyrproject Zephyr
Timeline
PublishedFeb 25

Description

A lack of input validation allows for out of bounds reads caused by malicious or malformed packets.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:HExploitability: 3.9 | Impact: 4.2

Affected Packages2 packages

CVEListV5zephyrproject-rtos/zephyr*4.0

🔴Vulnerability Details

1
CVEList
Out of bounds read when unpacking DNS answers2025-02-25

📋Vendor Advisories

1
Microsoft
NULL Pointer Dereference in function vim_regexec_string at regexp.c:2733 in vim/vim2022-05-10
CVE-2025-1674 — Out-of-bounds Read in Zephyr | cvebase