Close Menu
    DevStackTipsDevStackTips
    • Home
    • News & Updates
      1. Tech & Work
      2. View All

      Why Non-Native Content Designers Improve Global UX

      July 18, 2025

      DevOps won’t scale without platform engineering and here’s why your teams are still stuck

      July 18, 2025

      This week in AI dev tools: Slack’s enterprise search, Claude Code’s analytics dashboard, and more (July 18, 2025)

      July 18, 2025

      Report: 71% of tech leaders won’t hire devs without AI skills

      July 17, 2025

      Could OpenAI’s rumored browser be a Chrome-killer? Here’s what I’m expecting

      July 18, 2025

      My favorite lens and screen-cleaning kit keeps my tech spotless, and it only costs $8

      July 18, 2025

      AI’s biggest impact on your workforce is still to come – 3 ways to avoid getting left behind

      July 18, 2025

      Remedy offers update on ‘FBC: Firebreak,’ details coming improvements — “We’ve seen many players come into the game and leave within the first hour.”

      July 18, 2025
    • Development
      1. Algorithms & Data Structures
      2. Artificial Intelligence
      3. Back-End Development
      4. Databases
      5. Front-End Development
      6. Libraries & Frameworks
      7. Machine Learning
      8. Security
      9. Software Engineering
      10. Tools & IDEs
      11. Web Design
      12. Web Development
      13. Web Security
      14. Programming Languages
        • PHP
        • JavaScript
      Featured

      The details of TC39’s last meeting

      July 18, 2025
      Recent

      The details of TC39’s last meeting

      July 18, 2025

      Online Examination System using PHP and MySQL

      July 18, 2025

      A tricky, educational quiz: it’s about time..

      July 18, 2025
    • Operating Systems
      1. Windows
      2. Linux
      3. macOS
      Featured

      CAD Sketcher – constraint-based geometry sketcher

      July 18, 2025
      Recent

      CAD Sketcher – constraint-based geometry sketcher

      July 18, 2025

      7 Best Free and Open Source Linux FTP Servers

      July 18, 2025

      Best Free and Open Source Alternatives to Autodesk FBX Review

      July 18, 2025
    • Learning Resources
      • Books
      • Cheatsheets
      • Tutorials & Guides
    Home»Security»Common Vulnerabilities and Exposures (CVEs)»CVE-2025-53888 – RIOT-OS L2FILTER Add Buffer Overflow

    CVE-2025-53888 – RIOT-OS L2FILTER Add Buffer Overflow

    July 18, 2025

    CVE ID : CVE-2025-53888

    Published : July 18, 2025, 4:15 p.m. | 1 hour, 3 minutes ago

    Description : RIOT-OS, an operating system that supports Internet of Things devices, has an ineffective size check implemented with `assert()` can lead to buffer overflow in versions up to and including 2025.04. Assertions are usually compiled out in production builds. If assertions are the only defense against untrusted inputs, the software may be exposed to attacks that utilize the lack of proper input checks. In the `l2filter_add()` function shown below, `addr_len` is checked using an assertion and is subsequently used as an argument in a `memcpy()` call. When assertions are disabled, there would be no size check for `addr_len`. As a consequence, if an attacker were to provide an `addr_len` value larger than `CONFIG_L2FILTER_ADDR_MAXLEN`, they can trigger a buffer overflow and write past the `list[i].addr` buffer. If the unchecked input is attacker-controlled, the impact of the buffer overflow can range from a denial of service to arbitrary code execution. Commit f6f7de4ccc107c018630e4c15500825caf02e1c2 contains a patch for the vulnerability.

    Severity: 0.0 | NA

    Visit the link for more details, such as CVSS details, affected products, timeline, and more…

    Source: Read More

    Facebook Twitter Reddit Email Copy Link
    Previous ArticleCVE-2025-54059 – Melange SBOM Generation Permissions Vulnerability
    Next Article CVE-2025-7787 – Xuxueli xxl-job Server-Side Request Forgery (SSRF) Vulnerability

    Related Posts

    Development

    Critical mcp-remote Vulnerability Enables Remote Code Execution, Impacting 437,000+ Downloads

    July 18, 2025
    Development

    CISA Adds Citrix NetScaler CVE-2025-5777 to KEV Catalog as Active Exploits Target Enterprises

    July 18, 2025
    Leave A Reply Cancel Reply

    For security, use of Google's reCAPTCHA service is required which is subject to the Google Privacy Policy and Terms of Use.

    Continue Reading

    CVE-2025-4177 – Flynax Bridge – Unauthenticated User Deletion Vulnerability

    Common Vulnerabilities and Exposures (CVEs)

    CVE-2025-38337 – Linux Kernel jbd2 Null Pointer Dereference and Data Race Vulnerability

    Common Vulnerabilities and Exposures (CVEs)

    Microsoft has a new way to use AI in OneNote — but a “dumb” feature excites me more

    News & Updates

    Broadcom waarschuwt voor actief misbruikt lek in Brocade Fabric OS

    Security

    Highlights

    CVE-2025-20309 (CVSS 10): Cisco Patches Critical Static SSH Root Credential Flaw in Unified CM

    July 2, 2025

    CVE-2025-20309 (CVSS 10): Cisco Patches Critical Static SSH Root Credential Flaw in Unified CM

    Cisco has disclosed a critical vulnerability in its Unified Communications Manager (Unified CM) and Session Management Edition (SME) platforms. Tracked as CVE-2025-20309 and rated CVSS 10, the flaw ex …
    Read more

    Published Date:
    Jul 03, 2025 (2 hours, 9 minutes ago)

    Vulnerabilities has been mentioned in this article.

    CVE-2025-20309

    CVE-2025-20282

    CVE-2025-20281

    CVE-2025-36560

    CVE-2025-31103

    CVE-2025-28169 – BYD QIN PLUS DM-i Dilink OS Unencrypted Broadcast Vulnerability

    April 23, 2025

    Qilin Becomes Top Ransomware Group Amid RansomHub Uncertainty

    May 6, 2025

    CVE-2025-38221 – Linux Kernel ext4 Out-of-Bounds Punch Offset Vulnerability

    July 4, 2025
    © DevStackTips 2025. All rights reserved.
    • Contact
    • Privacy Policy

    Type above and press Enter to search. Press Esc to cancel.