CNNVD-202511-1875 Information

Nov 17, 2025 cve

CNNVD ID

CNNVD-202511-1875

CVE-2025-64342

  • CNNVD Published: 2025-11-17

Description (Chinese)

Espressif ESP-IDF是中国乐鑫(Espressif)公司的一款物联网开发框架。 Espressif ESP-IDF存在代码问题漏洞,该漏洞源于无效访问地址处理不当,可能导致广告停止和错误连接报告。

Description (English)

Espressif ESP-IDF is a framework for networking development of a piece of the Chinese company Espressif. Espressif ESP-IDF has a code gap, which stems from the mishandling of invalid access addresses, which may lead to the discontinuation of advertising and incorrect connection reports.

Hazard Level

High

Vulnerability Type

代码问题

Affected Vendor

乐鑫

Published

2025-11-17

Last Modified

2026-02-24

References

https://github.com/espressif/esp-idf/commit/8ec541023684d33b498fa21c5b4724bce748aa7b https://github.com/espressif/esp-idf/commit/309f031dd6b04de30c926a256508c65b0df95dfa https://github.com/espressif/esp-idf/commit/75967b578563ea7876dc215251cbb6d64bc9d768 https://github.com/espressif/esp-idf/security/advisories/GHSA-8mg7-9qpg-p92v https://github.com/espressif/esp-idf/commit/e3d70429566ece1ef593d36aa4ebd320e0c95925 https://github.com/espressif/esp-idf/commit/3b95b50703cd3301a370cffaa1cc299b1941fe2a https://github.com/espressif/esp-idf/commit/bf66761962579f73aea682d1154b9c99b9d3d7dc https://access.redhat.com/security/cve/cve-2025-64342

Patch

https://github.com/espressif/esp-idf/releases

Share on: