CVE-2025-65501
BaseFortify
Publication date: 2025-11-24
Last updated on: 2025-12-01
Assigner: MITRE
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| libcoap | libcoap | 4.3.5 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-476 | The product dereferences a pointer that it expects to be valid but is NULL. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a null pointer dereference in the libcoap library version 4.3.5, specifically in the function coap_dtls_info_callback(). It occurs because the return value of OpenSSL's SSL_get_app_data() function is not checked for NULL before being dereferenced. When SSL_get_app_data() returns NULL, libcoap attempts to access data through this null pointer, causing a segmentation fault and crashing the application. [2]
How can this vulnerability impact me? :
This vulnerability can cause a denial of service by crashing applications that use libcoap 4.3.5 during a DTLS handshake. Remote attackers can exploit this by triggering the null pointer dereference, leading to application crashes and service interruptions. [2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by monitoring for crashes or segmentation faults in applications using libcoap 4.3.5, especially those handling DTLS handshakes. Specifically, look for null pointer dereference errors or AddressSanitizer reports indicating read access to zero page addresses in the function coap_dtls_info_callback(). Since the issue occurs during DTLS handshake processing, capturing and analyzing DTLS handshake traffic for anomalies or repeated crashes may help. However, no specific detection commands are provided in the available resources. [2]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation involves updating libcoap to a version that includes proper null checks on the return value of SSL_get_app_data(), as the vulnerability is caused by missing validation leading to null pointer dereference. Applying patches that add comprehensive validation of OpenSSL API return values, such as those described in the fix for related issues (e.g., pull request #1750), will prevent the denial of service. If updating is not immediately possible, consider disabling DTLS support or restricting access to services using libcoap DTLS until a patched version is deployed. [1, 2]