๐Ÿ” CVE Alert

CVE-2025-34457

UNKNOWN 0.0

wb2osz/direwolf <= 1.8.1 Stack-based Buffer Overflow DoS

CVSS Score: 0.0
EPSS Score: 0.0%
EPSS Percentile: 0th

wb2osz/direwolf (Dire Wolf) versions up to and including 1.8, prior to commit 694c954, contain a stack-based buffer overflow vulnerability in the function kiss_rec_byte() located in src/kiss_frame.c. When processing crafted KISS frames that reach the maximum allowed frame length (MAX_KISS_LEN), the function appends a terminating FEND byte without reserving sufficient space in the stack buffer. This results in an out-of-bounds write followed by an out-of-bounds read during the subsequent call to kiss_unwrap(), leading to stack memory corruption or application crashes. This vulnerability may allow remote unauthenticated attackers to trigger a denial-of-service condition.
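
The off-by-one described above, as an added example (not Dire Wolf's code and not taken from the advisory): a simplified KISS byte accumulator that keeps the last buffer slot free for the closing FEND. `struct kiss_acc`, `kiss_acc_byte`, `kiss_acc_feed` and `DEMO_MAX_KISS_LEN` are hypothetical names, the 16-byte limit is constructed, and FESC escaping is left out.

```c
#include <stddef.h>

#define FEND 0xC0              /* KISS frame delimiter */
#define DEMO_MAX_KISS_LEN 16   /* constructed small limit, not Dire Wolf's value */

struct kiss_acc {              /* hypothetical accumulator state */
    unsigned char buf[DEMO_MAX_KISS_LEN];
    size_t len;
    int in_frame;
};

/* Returns 1 when buf holds a complete FEND...FEND frame, 0 when more bytes
 * are needed, -1 when an oversized frame was dropped. */
int kiss_acc_byte(struct kiss_acc *a, unsigned char ch)
{
    if (ch == FEND) {
        if (!a->in_frame || a->len <= 1) {   /* opening or repeated FEND */
            a->buf[0] = FEND;
            a->len = 1;
            a->in_frame = 1;
            return 0;
        }
        a->buf[a->len++] = FEND;   /* slot reserved by the check below */
        a->in_frame = 0;
        return 1;
    }
    if (!a->in_frame)
        return 0;                  /* ignore bytes between frames */
    /* Checking only `len < sizeof buf` here would let data fill the buffer,
     * so the closing FEND above would land one byte past the end. */
    if (a->len >= sizeof a->buf - 1) {
        a->in_frame = 0;
        a->len = 0;
        return -1;
    }
    a->buf[a->len++] = ch;
    return 0;
}

/* Feed n bytes; return the first nonzero result, or 0 if there is none. */
int kiss_acc_feed(struct kiss_acc *a, const unsigned char *p, size_t n)
{
    for (size_t i = 0; i < n; i++) {
        int r = kiss_acc_byte(a, p[i]);
        if (r != 0)
            return r;
    }
    return 0;
}
```

A frame that fills the buffer exactly, delimiters included, is accepted; one more data byte causes the frame to be dropped instead of written past the array.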

CWE: CWE-121
Vendor: wb2osz
Product: dire wolf
Published: Dec 22, 2025
Last Updated: Mar 23, 2026

Affected Versions

wb2osz / Dire Wolf
0 ≤ 1.8.1

References

github.com: https://github.com/marlinkcyber/advisories/blob/main/advisories/MCSAID-2025-010-direwolf-stack-buffer-overflow-kiss-frame.md
github.com: https://github.com/wb2osz/direwolf/issues/617
github.com: https://github.com/wb2osz/direwolf/commit/694c954
vulncheck.com: https://www.vulncheck.com/advisories/wb2osz-direwolf-stack-based-buffer-overflow-dos

Credits

Vlatko Kosturjak with Marlink Cyber