CVE-2026-7425

Summary

Insufficient option length validation in the IPv6 Router Advertisement parser in FreeRTOS-Plus-TCP before V4.2.6 and V4.4.1 allows an adjacent network actor to cause a denial of service (device crash) by sending a crafted Router Advertisement with a truncated PREFIX_INFORMATION option that is smaller than the expected structure size.

To mitigate this issue, users should upgrade to the fixed version when available.

Affected Software

VendorProductVersion RangeStatus
AWSFreeRTOS-Plus-TCP4.0.0 < 4.2.6affected
AWSFreeRTOS-Plus-TCP4.3.0 < 4.4.1affected
AWSFreeRTOS-Plus-TCP4.2.6unaffected
AWSFreeRTOS-Plus-TCP4.4.1unaffected

Weaknesses

  • CWE-125: CWE-125: Out-of-bounds Read

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References