Null Pointer Dereference in RIOT Operating System for IoT Devices
CVE-2025-66646

1.7LOW

Key Information:

Vendor

Riot-os

Status
Riot
Vendor
CVE Published:
17 December 2025

What is CVE-2025-66646?

A vulnerability exists in the IPv6 fragmentation reassembly implementation of RIOT, an open-source operating system tailored for IoT devices. When the gnrc_ipv6_ext_frag module is active, receiving a fragmented IPv6 packet with a fragment offset of 0 and an empty payload leads to a NULL pointer dereference. This occurs because the system attempts to copy an empty payload into the reassembly buffer, which results in a crash of the operating system, effectively triggering a denial of service (DoS). Users are advised to update to RIOT OS v2025.10, where this issue has been addressed.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

RIOT < 2025.10

References

https://github.com/RIOT-OS/RIOT/security/advisories/GHSA-...
x_refsource_CONFIRM
https://github.com/RIOT-OS/RIOT/blob/eb65305cf9f1b7affb50...
x_refsource_MISC
https://github.com/RIOT-OS/RIOT/blob/eb65305cf9f1b7affb50...
x_refsource_MISC

CVSS V4

Score:
1.7
Severity:
LOW
Confidentiality:
None
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
Physical
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.