CVE-2025-34468

NameCVE-2025-34468
Descriptionlibcoap versions up to and including 4.3.5, prior to commit 30db3ea, contain a stack-based buffer overflow in address resolution when attacker-controlled hostname data is copied into a fixed 256-byte stack buffer without proper bounds checking. A remote attacker can trigger a crash and potentially achieve remote code execution depending on compiler options and runtime memory protections. Exploitation requires the proxy logic to be enabled (i.e., the proxy request handling code path in an application using libcoap).
SourceCVE (at NVD; CERT, ENISA, LWN, oss-sec, fulldisc, Debian ELTS, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
Debian Bugs1124407

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
libcoap3 (PTS)bookworm4.3.1-1vulnerable
trixie4.3.4-1.1+deb13u1vulnerable
forky, sid4.3.5-2vulnerable

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
libcoap3source(unstable)(unfixed)1124407

Notes

[trixie] - libcoap3 <no-dsa> (Minor issue)
[bookworm] - libcoap3 <no-dsa> (Minor issue)
https://github.com/obgm/libcoap/pull/1737
Fixed by: https://github.com/obgm/libcoap/commit/30db3eaa1f0464722ebea2ca2d5084aebfbd344d (develop)
Fixed by: https://github.com/obgm/libcoap/commit/cc9aba6e01973b7cc06b7b20d0986411e5f5e2ef (v4.3.5a)
Search for package or bug name: Reporting problems