Vulnerabilities

CVE-2025-34458 - wb2osz/direwolf <= 1.8 reachable assertion dos

2025-12-23 0 views admin

CVE ID : CVE-2025-34458 Published : Dec. 22, 2025, 10:16 p.m. | 1 hour, 46 minutes ago Description : wb2osz/direwolf (Dire Wolf) versions up to and including 1.8, prior to commit 3658a87, contain a reachable assertion vulnerability in the APRS MIC-E decoder function aprs_mic_e() located in src/decode_aprs.c. When processing a specially crafted AX.25 frame containing a MIC-E message with an empty or truncated comment field, the application triggers an unhandled assertion checking for a non-empty comment. This assertion failure causes immediate process termination, allowing a remote, unauthenticated attacker to cause a denial of service by sending malformed APRS traffic. Severity: 8.7 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE Details

CVE ID

CVE-2025-34458

Severity

HIGH

Published

Dec. 22, 2025

Impact: denial of service

Source: Telegram CVE Monitor

🏷️ Tags

cvevulnerabilitysecuritycybersecuritycve-2025-34458high

CVE-2025-34458 - wb2osz/direwolf <= 1.8 reachable assertion dos

CVE Details

🏷️ Tags

More from Vulnerabilities

CVE-2025-34457 - wb2osz/direwolf <= 1.8 stack-based buffer overflow dos

CVE-2025-67436 - PluXml CMS Remote Code Execution Vulnerability

CVE-2025-65857 - Xiongmai XM530 IP Camera Unauthenticated Video Stream Exposure

CVE-2025-65856 - Xiongmai XM530 IP Camera Authentication Bypass

Trending

CVE-2025-61481: Critical Remote Code Execution Vulnerability in MikroTik RouterOS & SwitchOS

CVE-2025-43939: Dell Unity OS Command Injection (High)

Google disputes false claims of massive Gmail data breach

Microsoft: DNS outage impacts Azure and Microsoft 365 services

3.5B Accounts, 1 Critical Flaw: Meta Closes WhatsApp Data-Harvesting