QwikSec

Security Database

CVE

CWE

Training

CVE-2025-5688

Published: Jun 4, 2025

Modified: Oct 14, 2025

PUBLISHED

Description

We have identified a buffer overflow issue allowing out-of-bounds write when processing LLMNR or mDNS queries with very long DNS names. This issue only affects systems using Buffer Allocation Scheme 1 with LLMNR or mDNS enabled. Users should upgrade to the latest version and ensure any forked or derivative code is patched to incorporate the new fixes.

Vendor	Product	Versions
Amazon	FreeRTOS	affected `2.3.4 - < 4.3.2`

Weaknesses (CWE)

References

https://aws.amazon.com/security/security-bulletins/AWS-2025-012/

vendor-advisory

https://github.com/FreeRTOS/FreeRTOS-Plus-TCP/releases/tag/V4.3.2

patch

https://github.com/FreeRTOS/FreeRTOS-Plus-TCP/security/advisories/GHSA-5x4f-fvv8-wr65

vendor-advisory

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.