Fixes the following vulnerability:
- CVE-2025-34450:
merbanan/rtl_433 versions up to and including 25.02 and prior to
commit 25e47f8 contain a stack-based buffer overflow vulnerability in
the function parse_rfraw() located in src/rfraw.c. When processing
crafted or excessively large raw RF input data, the application may
write beyond the bounds of a stack buffer, resulting in memory
corruption or a crash. This vulnerability can be exploited to cause a
denial of service and, under certain conditions, may be leveraged for
further exploitation depending on the execution environment and
available mitigations.
For mroe information, see:
- https://www.cve.org/CVERecord?id=CVE-2025-34450
- https://github.com/merbanan/rtl_433/commit/25e47f8932f0401392ef1d3c8cc9ed5595bc894a
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
Thomas Perale
7613501954