CVE-2025-66646 | RIOT-OS up to 2025.9 IPv6 Fragmentation gnrc_ipv6_ext_frag null pointer dereference (GHSA-v8gx-q9m6-5xm9)

A vulnerability, which was classified as problematic, has been found in RIOT-OS up to 2025.9. This affects the function gnrc_ipv6_ext_frag of the component IPv6 Fragmentation Handler. This manipulation causes null pointer dereference.

The identification of this vulnerability is CVE-2025-66646. It is possible to initiate the attack remotely. There is no exploit available.

It is advisable to upgrade the affected component.

If you want to get best quality of vulnerability data, you may have to visit VulDB.VulDB Recent EntriesRead More