{"id":"CVE-2025-24797","summary":"Meshtastic incorrectly handles malformed packets, leading to an attacker-controlled buffer overflow","details":"Meshtastic is an open source mesh networking solution. A fault in the handling of mesh packets containing invalid protobuf data can result in an attacker-controlled buffer overflow, allowing an attacker to hijack execution flow, potentially resulting in remote code execution. This attack does not require authentication or user interaction, as long as the target device rebroadcasts packets on the default channel. This vulnerability is fixed in 2.6.2.","aliases":["GHSA-33hw-xhfh-944r"],"modified":"2026-04-12T14:04:27.223186Z","published":"2025-04-14T23:25:19.152Z","database_specific":{"cwe_ids":["CWE-119","CWE-122"],"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/24xxx/CVE-2025-24797.json","cna_assigner":"GitHub_M"},"references":[{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/24xxx/CVE-2025-24797.json"},{"type":"ADVISORY","url":"https://github.com/meshtastic/firmware/security/advisories/GHSA-33hw-xhfh-944r"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24797"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/meshtastic/firmware","events":[{"introduced":"0"},{"fixed":"31c0e8fa2ca0cce903e73749454324c672c18b4c"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"2.6.2"}]}}],"versions":["0.0.3","0.1.10","0.1.6","0.1.7","0.1.8","0.1.9","0.2.0","0.2.3","0.4.1","0.4.2","0.4.3","0.6.0","0.6.1","0.6.2","0.6.3","0.6.4","0.6.7","0.6.8","0.7.10","0.7.11","0.7.4","0.7.5","0.7.6","0.7.6b","0.7.7","0.7.8","0.7.9","0.8.1-fixed","0.9.1","0.9.2","0.9.3","0.9.5","0.9.6","0.9.7","1.0.0","1.1.0","1.1.1","1.1.2","1.1.20","1.1.23","1.1.3","1.1.30","1.1.31","1.1.32","1.1.33","1.1.4","1.1.42","1.1.46","1.1.47","1.1.48","1.1.5","1.1.50","1.1.6","1.1.7","1.1.8","1.2.1","1.2.10","1.2.11","1.2.4","1.2.5","1.2.6","1.2.9","v1.2.29.6c95659","v1.2.30.80e4
bc6","v1.2.38.cf4e508","v1.2.39.06892c4","v1.2.41.32f3682","v1.2.44.f2c9c55","v1.2.47","v1.2.48.371335e","v1.2.49.5354c49","v1.2.50.41dcfdd","v1.2.51.f9ff06b","v1.2.52.b63802c","v1.2.53.19c1f9f","v1.2.54.288f2be","v1.2.55.9db7c62","v1.2.testing1","v1.3.10.4df0e91","v1.3.10.cc2a84a","v1.3.11.0411401","v1.3.12.6306c53","v1.3.13.71a43a9","v1.3.15.432d067","v1.3.16.97899ae","v1.3.17.c9822de","v1.3.19.3c6a2f7","v1.3.20.9a5ff93","v1.3.21.cf00ac5","v1.3.22.c725a6b","v1.3.23.5462d84","v1.3.24.dff6915","v1.3.25.85f46d3","v1.3.26.0010231","v1.3.27.c88ba58","v1.3.28.41f9541","v1.3.29.7afc149","v1.3.3.2fe124e","v1.3.30.9fe2ddb","v1.3.31.0084643","v1.3.32.7e6c22f","v1.3.33.ab0095c","v1.3.34.401b5d9","v1.3.35.3251cd5","v1.3.36.64f852e","v1.3.36.7e03019","v1.3.36.dd720f2","v1.3.37.97712a9","v1.3.38.1253abd","v1.3.39.ddc3727","v1.3.4.2b20bf3","v1.3.40.e87ecc2","v1.3.41.80ddb81","v1.3.42.9bd9252","v1.3.43.aae9d2f","v1.3.44.4fa8d02","v1.3.46.d4ea956","v1.3.47.05147c0","v1.3.48.82bcd39","v1.3.5.e5b19fd","v1.3.6.f511bab","v1.3.7.bb22b6e","v1.3.8.90df7c2","v1.3.9.92185e7","v2.0.0.18ab874","v2.0.1.ad05b91","v2.0.10.e09b12c","v2.0.11.8914d1a","v2.0.12.2400dd4","v2.0.13.7e27729","v2.0.14.2baaad8","v2.0.15.aafbde0","v2.0.16.2242b68","v2.0.17.5d1c06b","v2.0.18.1a7991c","v2.0.19.3209aea","v2.0.2.8146e84","v2.0.20.7100416","v2.0.21.83e6cea","v2.0.22.fbfd0f1","v2.0.23.7bb281d","v2.0.3.09fe616","v2.0.6.97fd5cf","v2.0.7.91ff7b9","v2.0.8.090e166","v2.0.9.6ea0963","v2.1.0.331a1af","v2.1.1.dc2ca9c","v2.1.10.7ef12c7","v2.1.11.5ec624d","v2.1.12.7711b03","v2.1.13.7475c86","v2.1.14.99a31c1","v2.1.15.cd78723","v2.1.16.a2c5b92","v2.1.17.7ca2e81","v2.1.18.de53280","v2.1.19.eb7025f","v2.1.2.6d20215","v2.1.20.470363d","v2.1.21.97d7a89","v2.1.22.191a69d","v2.1.23.04bbdc6","v2.1.3.8c68d88","v2.1.4.958d2cf","v2.1.5.23272da","v2.1.6.5679a82","v2.1.7.242f880","v2.1.9.d43ddc9","v2.2.0.9f6584b","v2.2.1.fb5f2e4","v2.2.10.7cebd79","v2.2.11.10265aa","v2.2.12.092e6f2","v2.2.13.f570204","v2.2.14.57542ce","v2.2.15.31c469
3","v2.2.16.1c6acfd","v2.2.17.dbac2b1","v2.2.18.e9bde80","v2.2.19.8f6a283","v2.2.2.f35c7be","v2.2.20.af5ac32","v2.2.21.7f7c5cb","v2.2.22.404d0dd","v2.2.23.5672e68","v2.2.24.e6a2c06","v2.2.3.282cc0b","v2.2.4.3bcab0e","v2.2.5.8255128","v2.2.6.b53cb38","v2.2.7.e8970ad","v2.2.8.61f6fb2","v2.2.9.47301a5","v2.3.0.5f47ca1","v2.3.1.4fa7f5a","v2.3.10.d19607b","v2.3.11.2740a56","v2.3.12.24458a7","v2.3.13.83f5ba0","v2.3.14.64531fa","v2.3.15.deb7c27","v2.3.2.63df972","v2.3.3.8187fa7","v2.3.4.ea61808","v2.3.5.2f9b68e","v2.3.6.7a3570a","v2.3.7.30fbcab","v2.3.8.d490a33","v2.3.9.f06c56a","v2.4.0.46d7b82","v2.4.1.394e0e1","v2.4.2.5b45303","v2.4.3.efc27f2","v2.5.0.33eb073","v2.5.0.9ac0e26","v2.5.0.9e55e6b","v2.5.0.ab7de7f","v2.5.0.d6dac17","v2.5.0.e470619","v2.5.10.0fc5c9b","v2.5.11.8e2a3e5","v2.5.12.aa184e6","v2.5.13.1a06f88","v2.5.13.295278b","v2.5.14.f2ee0df","v2.5.15.79da236","v2.5.16.f81d3b0","v2.5.17.b4b2fd6","v2.5.18.89ebafc","v2.5.19.d5cd6f8","v2.5.19.f9876cf","v2.5.2.771cb52","v2.5.20.4c97351","v2.5.21.447533a","v2.5.22.d1fa27d","v2.5.23.bf958ed","v2.5.3.a70d5ee","v2.5.4.8d288d5","v2.5.5.e182ae7","v2.5.6.d55c08d","v2.5.7.f77c87d","v2.5.8.6485f03","v2.5.9.936260f","v2.6.0.f7afa9a","v2.6.1.7c3edde"],"database_specific":{"vanir_signatures":[{"target":{"function":"esp32Setup","file":"src/platform/esp32/main-esp32.cpp"},"signature_type":"Function","id":"CVE-2025-24797-11af00a1","deprecated":false,"source":"https://github.com/meshtastic/firmware/commit/31c0e8fa2ca0cce903e73749454324c672c18b4c","signature_version":"v1","digest":{"function_hash":"245210903505394026043325024741897715508","length":1758}},{"target":{"file":"src/modules/AdminModule.cpp"},"signature_type":"Line","id":"CVE-2025-24797-2480b0c3","deprecated":false,"source":"https://github.com/meshtastic/firmware/commit/31c0e8fa2ca0cce903e73749454324c672c18b4c","signature_version":"v1","digest":{"threshold":0.9,"line_hashes":["61906178065152490745645933840680174577","28946009239950095414879604145601960566","60649532268409851
977496238090324167516","200634508803862953288748608943237796601","244993196823156081938587012998377171933","314997957164196178084788819934505000108","274879986595756875548178437855315468027","182270819984620945240112518637550383490","131031132699406139319836751897879463449","315061169634299417854061116329323171859","13850273912623731527025627215546501489","3732993753203446154982775224464466777","57701735102792753932437450714014955231","151727272169547227909156775003071831656","158085038331930558469295460800969735618","232610998719035549098107118297606687147","131914005922832595584348032757712868036","201421653561029527719338601750206488790","83125320712499385149269695774695540630","275419980576526112675236469812557313254"]}},{"target":{"function":"NodeDB::installDefaultConfig","file":"src/mesh/NodeDB.cpp"},"signature_type":"Function","id":"CVE-2025-24797-2f3989e5","deprecated":false,"source":"https://github.com/meshtastic/firmware/commit/31c0e8fa2ca0cce903e73749454324c672c18b4c","signature_version":"v1","digest":{"function_hash":"108084095104954802032035129130168315302","length":6212}},{"target":{"file":"src/platform/esp32/main-esp32.cpp"},"signature_type":"Line","id":"CVE-2025-24797-5291d4f9","deprecated":false,"source":"https://github.com/meshtastic/firmware/commit/31c0e8fa2ca0cce903e73749454324c672c18b4c","signature_version":"v1","digest":{"threshold":0.9,"line_hashes":["249284301546385323913208866798342752033","148313737138677794687914364016057942736","125503957719484020501243424300724351197","190001140620202926798782202257677909227","3052219449725424921911434118194674663","326526716262538329982181416973430293668","220183260852286607517051190966862909215","66875154906076421416391399934220641088","309957815677007174062473363833019292325","185962665488891403066726700657332529563","128188205448738089204241983939314957855","307694384273612590918886186445643392808"]}},{"target":{"file":"src/mesh/NodeDB.cpp"},"signature_type":"Line","id":"CVE-2025-24797-9f5505c9","dep
recated":false,"source":"https://github.com/meshtastic/firmware/commit/31c0e8fa2ca0cce903e73749454324c672c18b4c","signature_version":"v1","digest":{"threshold":0.9,"line_hashes":["319846714653623395037710379554644507513","293655723608504213056212379130841077548","159552122833603300490442198778233625697","192545791781481665433966103126359132349","120863761192394302846507171525228177771","185421457120135663455896398193937494855"]}},{"target":{"function":"AdminModule::handleReceivedProtobuf","file":"src/modules/AdminModule.cpp"},"signature_type":"Function","id":"CVE-2025-24797-ccc3d79f","deprecated":false,"source":"https://github.com/meshtastic/firmware/commit/31c0e8fa2ca0cce903e73749454324c672c18b4c","signature_version":"v1","digest":{"function_hash":"273999714152949001576815024458923749623","length":12256}}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-24797.json","vanir_signatures_modified":"2026-04-12T14:04:27Z"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H"}]}