CVE-2025-5688

Summary

We have identified a buffer overflow issue allowing out-of-bounds write when processing LLMNR or mDNS queries with very long DNS names. This issue only affects systems using Buffer Allocation Scheme 1 with LLMNR or mDNS enabled.

Users should upgrade to the latest version and ensure any forked or derivative code is patched to incorporate the new fixes.

Affected Software

VendorProductVersion RangeStatus
AmazonFreeRTOS2.3.4 < 4.3.2affected

Weaknesses

  • CWE-787: CWE-787: Out-of-bounds Write

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References