CVE-2025-34450

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2025-34450
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-34450.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2025-34450
Downstream
Published
2025-12-18T22:15:56.163Z
Modified
2026-01-03T05:44:47.081415Z
Severity
  • 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

merbanan/rtl433 versions up to and including 25.02 and prior to commit 25e47f8 contain a stack-based buffer overflow vulnerability in the function parserfraw() located in src/rfraw.c. When processing crafted or excessively large raw RF input data, the application may write beyond the bounds of a stack buffer, resulting in memory corruption or a crash. This vulnerability can be exploited to cause a denial of service and, under certain conditions, may be leveraged for further exploitation depending on the execution environment and available mitigations.

References

Affected packages

Git / github.com/dd32/rtl_433

Affected ranges

Type
GIT
Repo
https://github.com/dd32/rtl_433
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
25e47f8

Affected versions

0.*
0.01
0.1
Other
push

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-34450.json"

Git / github.com/merbanan/rtl_433

Affected ranges

Type
GIT
Repo
https://github.com/merbanan/rtl_433
Events
Introduced
0 Unknown introduced commit / All previous commits are affected

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-34450.json"