doc: security: Disclose CVE-2025-1675

Disclose information about published CVE. Signed-off-by: Flavio Ceolin <flavio@hubblenetwork.com>
2025-02-24 22:50:48 -08:00 · 2025-02-24 22:50:48 -08:00 · bc189229ac
commit bc189229ac
parent b777714e2a
1 changed files with 23 additions and 0 deletions
--- a/doc/security/vulnerabilities.rst
+++ b/doc/security/vulnerabilities.rst
@ -1881,3 +1881,26 @@ This has been fixed in main for v4.1.0

 - `PR 82288 fix for 3.7
  <https://github.com/zephyrproject-rtos/zephyr/pull/82288>`_
+
+:cve:`2025-1675`
+----------------
+
+Out of bounds read in dns_copy_qname
+
+The function dns_copy_qname in dns_pack.c performs performs a memcpy operation
+with an untrusted field and does not check if the source buffer is large enough
+to contain the copied data.
+
+- `Zephyr project bug tracker GHSA-2m84-5hfw-m8v4
+  <https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-2m84-5hfw-m8v4>`_
+
+This has been fixed in main for v4.1.0
+
+- `PR 82072 fix for main
+  <https://github.com/zephyrproject-rtos/zephyr/pull/82072>`_
+
+- `PR 82289 fix for 4.0
+  <https://github.com/zephyrproject-rtos/zephyr/pull/82289>`_
+
+- `PR 82288 fix for 3.7
+  <https://github.com/zephyrproject-rtos/zephyr/pull/82288>`_