CVE-2025-5688

We have identified a buffer overflow issue allowing out-of-bounds write when processing LLMNR or mDNS queries with very long DNS names. This issue only affects systems using Buffer Allocation Scheme 1 with LLMNR or mDNS enabled.


Users should upgrade to the latest version and ensure any forked or derivative code is patched to incorporate the new fixes.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
UNKNOWN
---
AMZNCNA
---
---
CISA-ADPADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 4%
Common Weakness Enumeration
References
https://aws.amazon.com/security/security-bulletins/AWS-2025-012/
https://github.com/FreeRTOS/FreeRTOS-Plus-TCP/releases/tag/V4.3.2
https://github.com/FreeRTOS/FreeRTOS-Plus-TCP/security/advisories/GHSA-5x4f-fvv8-wr65