CNNVD-202512-3345 Information
CNNVD ID
CNNVD-202512-3345
Related CVE
- CNNVD Published: 2025-12-18
Description (Chinese)
rtl_433是Benjamin Larsson个人开发者的一种通用数据接收器。用于解码来自 Ism 频段(和其他频率)设备的无线电传输的程序。 rtl_433 25.02及之前版本和25e47f8之前版本存在安全漏洞,该漏洞源于parse_rfraw函数存在栈缓冲区溢出,可能导致内存损坏或崩溃。
Description (English)
rtl 433 is a common data receiver for Benjamin Larsson ’ s personal developer. Program to decode radio transmissions from Ism band (and other frequencies) equipment. 25.02 and previous versions and previous versions of 25e47f8 have a security loophole, which stems from the presence of a barrage buffer in the Parse rfraw function, which may lead to memory damage or collapse.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
个人开发者
Published
2025-12-18
Last Modified
2026-02-24
References
https://github.com/dd32/rtl_433/commit/25e47f8 https://github.com/marlinkcyber/advisories/blob/main/advisories/MCSAID-2025-004-rtl_433-rfraw-parse-overflow.md https://github.com/merbanan/rtl_433/issues/3375 https://www.vulncheck.com/advisories/merbanan-rtl-433-stack-based-buffer-overflow
Patch
https://github.com/merbanan/rtl_433/releases
Share on: