Security Bulletin
CVE-2025-49604
|
CVEID |
CVE-2025-49604 |
|
PRODUCT |
RTL8721D |
|
VERSION |
(1) Ameba-AIoT ameba-arduino-d version 3.1.9
(2) Ameba-AIoT ameba-rtos-d version (commit c2bfd8216a1cbc19ad2ab5f48f372ecea756d67a 2025/07/03) |
|
PROBLEM TYPE |
Buffer Overflow |
|
DESCRIPTION |
For Realtek AmebaD devices, a heap-based buffer overflow was discovered in Ameba-AIoT ameba-arduino-d before version 3.1.9 and ameba-rtos-d before commit c2bfd8216a1cbc19ad2ab5f48f372ecea756d67a on 2025/07/03. In the WLAN driver defragment function, lack of validation of the size of fragmented Wi-Fi frames
may lead to a heap-based buffer overflow. |
|
CONTRIBUTOR |
Xiaobye(@xiaobye_tw) of DEVCORE Research Team |
Realtek IoT/Wi-Fi MCU Solutions . All Rights Reserved. Terms of Use
