exploitDog

GHSA-c4jh-w3h2-9h7c

Опубликовано: 09 июл. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 5.4

Описание

For Realtek AmebaD devices, a heap-based buffer overflow was discovered in Ameba-AIoT ameba-arduino-d before version 3.1.9 and ameba-rtos-d before commit c2bfd8216a1cbc19ad2ab5f48f372ecea756d67a on 2025/07/03. In the WLAN driver defragment function, lack of validation of the size of fragmented Wi-Fi frames may lead to a heap-based buffer overflow.

For Realtek AmebaD devices, a heap-based buffer overflow was discovered in Ameba-AIoT ameba-arduino-d before version 3.1.9 and ameba-rtos-d before commit c2bfd8216a1cbc19ad2ab5f48f372ecea756d67a on 2025/07/03. In the WLAN driver defragment function, lack of validation of the size of fragmented Wi-Fi frames may lead to a heap-based buffer overflow.

Ссылки

EPSS

Процентиль: 12%

0.00039

Низкий

5.4 Medium

CVSS3

CVE ID

Дефекты

CWE-122

Связанные уязвимости

CVE-2025-49604

CVSS3: 5.4

nvd

7 месяцев назад

For Realtek AmebaD devices, a heap-based buffer overflow was discovered in Ameba-AIoT ameba-arduino-d before version 3.1.9 and ameba-rtos-d before commit c2bfd8216a1cbc19ad2ab5f48f372ecea756d67a on 2025/07/03. In the WLAN driver defragment function, lack of validation of the size of fragmented Wi-Fi frames may lead to a heap-based buffer overflow.

EPSS

Процентиль: 12%

0.00039

Низкий

5.4 Medium

CVSS3

CVE ID

Дефекты

CWE-122