CVE-2025-1673 | zephyrproject-rtos Zephyr up to 4.0 resolve.c dns_validate_msg out-of-bounds (GHSA-jjhx-rrh4-j8mx)

Posted by Angelo Barbosa | Feb 25, 2025 | CVE

A vulnerability was found in zephyrproject-rtos Zephyr up to 4.0. It has been declared as problematic. Affected by this vulnerability is the function dns_validate_msg of the file subsys/net/lib/dns/resolve.c. The manipulation leads to out-of-bounds read.

This vulnerability is known as CVE-2025-1673. The attack can be launched remotely. Furthermore, there is an exploit available.

CVE-2025-1673 | zephyrproject-rtos Zephyr up to 4.0 resolve.c dns_validate_msg out-of-bounds (GHSA-jjhx-rrh4-j8mx)

Related Posts

CVE-2024-25753 | Tenda AC9 15.03.06.42_multi formSetDeviceName stack-based overflow

CVE-2025-25160 | Mark Barnes Style Tweaker Plugin up to 0.11 on WordPress cross-site request forgery

CVE-2024-33870 | Ghostscript path traversal

CVE-2024-5266 | Download Manager Plugin up to 3.2.92 on WordPress Shortcode cross site scripting