CVE-2025-68137
BaseFortify
Publication date: 2026-01-21
Last updated on: 2026-02-06
Assigner: GitHub, Inc.
Description
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linuxfoundation | everest | up to 2025.10.0 (2025.10.0 excluded) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-835 | The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop. |
| CWE-120 | The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer. |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-68137 is a high-severity vulnerability in the EVerest EV charging software stack caused by an integer overflow in the SdpPacket::parse_header() function. While the header is being parsed, the overflow leaves the computed buffer length at a value between 0 and 7 instead of the larger, correct size. Subtracting the header size from that value yields a negative remaining length which, once treated as unsigned, becomes a very large number (SIZE_MAX). Depending on the connection type, this results in either an infinite loop (plain TCP) or a stack buffer overflow (TLS). The overflow can overwrite critical memory areas, potentially allowing arbitrary code execution. The issue is fixed in version 2025.10.0. [1]
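The following C program is an added illustration of the arithmetic failure described above and of the check that prevents it. It is not EVerest code: the 8-byte header layout, the function names (parse_header, remaining_unchecked, remaining_checked, read_payload) and the sample byte strings are all assumed for the example. The unchecked path shows how a declared length of 0..7 wraps to a value near SIZE_MAX when the header size is subtracted; the hardened path rejects such a header before any loop or copy is driven by the result.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical 8-byte header: 4 bytes of magic/version (ignored here) followed
 * by a 4-byte big-endian "total length" that counts the header itself.
 * This layout is assumed for illustration; it is not the EVerest SDP format. */
#define HDR_LEN 8u

struct hdr {
    uint32_t total_len;   /* declared length of header + payload */
};

/* Decode the fixed-size header; fails only if too few bytes were supplied. */
bool parse_header(const uint8_t *buf, size_t buf_len, struct hdr *out) {
    if (buf == NULL || out == NULL || buf_len < HDR_LEN)
        return false;
    out->total_len = ((uint32_t)buf[4] << 24) | ((uint32_t)buf[5] << 16) |
                     ((uint32_t)buf[6] << 8)  |  (uint32_t)buf[7];
    return true;
}

/* Unchecked arithmetic, the failure class the advisory describes: when the
 * declared total length is smaller than the header (0..7), the subtraction
 * wraps to a value near SIZE_MAX. A read loop bounded by this number never
 * reaches its exit condition; a copy bounded by it overruns a fixed buffer. */
size_t remaining_unchecked(const struct hdr *h) {
    return (size_t)h->total_len - HDR_LEN;
}

/* Hardened version: reject lengths that would wrap, and lengths that exceed
 * the destination capacity, before any arithmetic result is used. */
bool remaining_checked(const struct hdr *h, size_t dst_cap, size_t *out) {
    if (h->total_len < HDR_LEN)
        return false;                      /* would underflow */
    size_t rem = (size_t)h->total_len - HDR_LEN;
    if (rem > dst_cap)
        return false;                      /* would overflow dst */
    *out = rem;
    return true;
}

/* Copy the payload into a bounded buffer. Returns bytes copied, or 0 when the
 * header is rejected or fewer bytes are available than declared, so a short
 * or malformed message fails closed instead of being looped on forever. */
size_t read_payload(const uint8_t *src, size_t src_len, const struct hdr *h,
                    uint8_t *dst, size_t dst_cap) {
    size_t want;
    if (!remaining_checked(h, dst_cap, &want))
        return 0;
    if (want > src_len)
        return 0;                          /* truncated message */
    memcpy(dst, src, want);
    return want;
}

/* Convenience wrappers so the two code paths can be compared on one header. */
size_t unchecked_for(const uint8_t *buf) {
    struct hdr h;
    return parse_header(buf, HDR_LEN, &h) ? remaining_unchecked(&h) : 0;
}

/* Returns the validated remaining length, or -1 if the header is rejected. */
long checked_for(const uint8_t *buf, size_t dst_cap) {
    struct hdr h;
    size_t rem;
    if (!parse_header(buf, HDR_LEN, &h) || !remaining_checked(&h, dst_cap, &rem))
        return -1;
    return (long)rem;
}

/* Constructed sample headers (not captured traffic). */
const uint8_t kGood[HDR_LEN]      = {0x53, 0x44, 0x50, 0x01, 0x00, 0x00, 0x00, 0x14}; /* total_len = 20 */
const uint8_t kUnderflow[HDR_LEN] = {0x53, 0x44, 0x50, 0x01, 0x00, 0x00, 0x00, 0x03}; /* total_len = 3  */

int main(void) {
    printf("good:      unchecked=%zu checked=%ld\n", unchecked_for(kGood), checked_for(kGood, 16));
    printf("underflow: unchecked=%zu checked=%ld\n", unchecked_for(kUnderflow), checked_for(kUnderflow, 16));
    return 0;
}
```

With the 20-byte header the two paths agree on 12 payload bytes; with the 3-byte header the unchecked path reports a length just below SIZE_MAX while the checked path rejects the packet, which is the behaviour a patched parser should exhibit on the same input.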
This vulnerability can cause denial of service through an infinite loop on plain TCP connections or a stack buffer overflow on TLS connections. The buffer overflow can corrupt memory, including critical variables, potentially allowing attackers to execute arbitrary code. This can compromise the confidentiality, integrity, and availability of the affected system. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by monitoring for abnormal behavior such as infinite loops or crashes in the EVerest EV charging software prior to version 2025.10.0. Specifically, detection can involve sending malformed SDP requests that trigger the integer overflow in the SdpPacket::parse_header() function. A proof-of-concept Python script exists that sends such malformed SDP requests and TLS payloads to trigger the overflow, which can be used as a detection tool. Additionally, monitoring for repeated failed read() system calls or unusual SSL_read_ex() behavior may indicate exploitation attempts. However, no specific commands are provided in the resources. [1]
What immediate steps should I take to mitigate this vulnerability?
The immediate mitigation step is to upgrade the EVerest software to version 2025.10.0 or later, where the integer overflow issue in SdpPacket::parse_header() has been fixed. Until the upgrade can be applied, consider restricting access to the vulnerable service to trusted networks only, and monitor for suspicious activity such as infinite loops or crashes. Applying network-level protections to block malformed SDP packets may also help reduce risk. [1]