Buffer Over-read when receiving improperly sized ICMPv6 packets

2025 023 · 2026-06-05

Technical Details

Affected Versions: v4.0.0 to v4.3.3
Regions: all
CVE IDs: CVE-2025-11616, CVE-2025-11617, CVE-2025-11618
Migration Required: Yes
Cost Impact: Neutral
IaC Impact: High

What This Means

For DevOps Teams

Update applications using FreeRTOS-Plus-TCP to version 4.3.4 to address critical security vulnerabilities (CVE-2025-11616, CVE-2025-11617, CVE-2025-11618) and ensure system security.

For Platform Teams

Deploy the updated FreeRTOS-Plus-TCP version 4.3.4 across all affected applications to enhance security and maintain compliance with industry standards.

For Executives

Implement the latest FreeRTOS-Plus-TCP version 4.3.4 to mitigate security risks associated with buffer over-read vulnerabilities and invalid pointer dereferences, ensuring system integrity and compliance with security standards.

Source

View original AWS announcement →
