OpenBSD 7.5/7.6 wg(4) Crash via Traffic Before Errata 006/015
CVE-2025-30334 Published on March 20, 2025
OpenBSD wg(4) kernel crash
In OpenBSD 7.6 before errata 006 and OpenBSD 7.5 before errata 015, traffic sent over wg(4) could result in kernel crash.
Vulnerability Analysis
CVE-2025-30334 is exploitable with network access, and requires small amount of user privileges. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality and integrity, and a high impact on availability.
Weakness Type
Incorrect Calculation of Buffer Size
The software does not correctly calculate the size to be used when allocating a buffer, which could lead to a buffer overflow.
Products Associated with CVE-2025-30334
Want to know whenever a new CVE is published for OpenBSD? stack.watch will email you.
Affected Versions
OpenBSD:- Version 7.6 and below 7.6 errata 006 is affected.
- Version 7.6 errata 008 is unaffected.
- Version 7.5 and below 7.5 errata 015 is affected.
- Version 7.5 errata 015 is unaffected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.