Veröffentlicht am von ms-freelancer

CVE-2026-7425 – Out-of-Bounds Read in Router Advertisement Option Parser in FreeRTOS-Plus-TCP

CVE ID :CVE-2026-7425

Published : April 29, 2026, 8:16 p.m. | 2 hours, 1 minute ago

Description :Insufficient option length validation in the IPv6 Router Advertisement parser in FreeRTOS-Plus-TCP before V4.2.6 and V4.4.1 allows an adjacent network actor to cause a denial of service (device crash) by sending a crafted Router Advertisement with a truncated PREFIX_INFORMATION option that is smaller than the expected structure size.

To mitigate this issue, users should upgrade to the fixed version when available.

Severity: 6.5 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…