CVE-2025-34450
Stack-Based Buffer Overflow in merbanan/rtl_433 parse_rfraw
Publication date: 2025-12-18
Last updated on: 2025-12-18
Assigner: VulnCheck
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| merbanan | rtl_433 | 25.02 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-121 | A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function). |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a stack-based buffer overflow in the parse_rfraw() function of merbanan/rtl_433 software versions up to 25.02 and before a specific commit. When the software processes crafted or very large raw RF input data, it may write data beyond the allocated stack buffer, causing memory corruption or a crash.
How can this vulnerability impact me? :
The vulnerability can cause the application to crash, resulting in a denial of service. Under certain conditions, it may also be exploited further depending on the execution environment and available mitigations, potentially leading to more severe impacts.