Vulnerabilities > CVE-2025-1675 - Unspecified vulnerability in Zephyrproject Zephyr

CVSS 9.1 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

zephyrproject

critical

NVD

Published: 2025-02-25

Updated: 2025-02-28

Summary

The function dns_copy_qname in dns_pack.c performs performs a memcpy operation with an untrusted field and does not check if the source buffer is large enough to contain the copied data.

Vulnerable Configurations

Part	Description	Count
OS	Zephyrproject Zephyrproject Zephyr *	1

References

https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-2m84-5hfw-m8v4