CVE-2025-66647 | RIOT-OS up to 2025.9 IPv6 Fragmentation gnrc_ipv6_ext_frag buffer overflow

SecurityVulns

A vulnerability has been found in RIOT-OS up to 2025.9 and classified as critical. The affected function is gnrc_ipv6_ext_frag in the IPv6 Fragmentation Handler component. Manipulation of this function causes a buffer overflow.

This vulnerability is identified as CVE-2025-66647. The attack can be initiated remotely. There is no exploit available.

The affected component should be upgraded.