CVE-2026-7426 in FreeRTOS-Plus-TCP情報

要約

〜によって MITRE • 2026年04月29日

Insufficient validation of the prefix length field in IPv6 Router Advertisement processing in FreeRTOS-Plus-TCP before V4.2.6 and V4.4.1 allows an adjacent network actor to cause memory corruption by sending a crafted Router Advertisement with a prefix length value exceeding the maximum valid length, resulting in a heap buffer overflow. Users processing IPv4 RA only are not impacted.

To mitigate this issue, users should upgrade to the fixed version when available.

Be aware that VulDB is the high quality source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

責任者

AMZN

予約する

2026年04月29日

公開

2026年04月29日

モデレーション

承諾済み

エントリ

VDB-360208

CPE

準備完了

CWE

CWE-787 (確認済み)

CVSS

8.1 (CNA)

EPSS

0.00021

KEV

いいえ

アクティビティ

非常低い

ソース

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-7426
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-7426
CVE Details	https://www.cvedetails.com/cve/CVE-2026-7426/

◂ 前概要次 ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!