Issue with FreeRTOS-Plus-TCP - IPv6 Router Advertisement Memory Safety Issues

Freertos ยท 2026-06-05

Actions

Rate this issue

Technical Details

Affected Versions >=V4.0.0 AND <=V4.2.5, >=V4.3.0 AND <=V4.4.0
Regions all
CVE IDs CVE-2026-7425, CVE-2026-7426
Migration Required Yes
Cost Impact Neutral
IaC Impact High

What This Means

For DevOps Teams

Update FreeRTOS-Plus-TCP to version V4.4.1 or V4.2.6 to address out-of-bounds read and write issues in the IPv6 Router Advertisement option parser, reducing the risk of network exploitation.

For Platform Teams

Deploy the patched FreeRTOS-Plus-TCP versions to enhance network security and protect against potential attacks via crafted Router Advertisement packets.

For Executives

Implement the latest FreeRTOS-Plus-TCP version to mitigate security risks associated with CVE-2026-7425 and CVE-2026-7426, ensuring network safety and maintaining customer trust.

Source

View original AWS announcement โ†’

Weekly AWS Digest in Your Inbox

No spam, no headlines. Just a weekly summary of the 3โ€“7 AWS changes that matter for DevOps and Platform teams.

๐Ÿ“ง Exactly 1 email per week โ€ข Every Tuesday โ€ข Unsubscribe anytime

Today: AWS only. Coming next: Azure and other major clouds.