CVE-2025-8183 – A NULL pointer dereference vulnerability in µD... (How to Fix)

Q: What is the severity of CVE-2025-8183?

CVE-2025-8183 has a CVSS score of 7.5 (HIGH). A NULL pointer dereference vulnerability in µD3TN allows remote attackers to cause a denial-of-service (DoS) by sending specially crafted non-singleton destination Endpoint Identifiers. This affects all systems running vulnerable versions of µD3TN, a Delay-Tolerant Networking implementation.

📋 TL;DR

A NULL pointer dereference vulnerability in µD3TN allows remote attackers to cause a denial-of-service (DoS) by sending specially crafted non-singleton destination Endpoint Identifiers. This affects all systems running vulnerable versions of µD3TN, a Delay-Tolerant Networking implementation.

💻 Affected Systems

Products:

µD3TN (micro DTN)

Versions: All versions prior to the fix

Operating Systems: Linux, Unix-like systems

Default Config Vulnerable: ⚠️ Yes

Notes: Vulnerable when µD3TN is configured to accept network connections. The issue is in endpoint identifier parsing logic.

📦 What is this software?

Ud3tn by D3tn

View all CVEs affecting Ud3tn →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete service disruption of µD3TN, preventing all DTN communications until service restart.

🟠

Likely Case

Service crash requiring manual restart, causing temporary communication interruption.

🟢

If Mitigated

Minimal impact if proper network segmentation and monitoring are in place to detect and block malicious traffic.

🌐 Internet-Facing: HIGH - Remote unauthenticated exploitation possible, leading to reliable DoS.

🏢 Internal Only: MEDIUM - Still exploitable internally but with more limited attack surface.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: LIKELY

Unauthenticated Exploit: ⚠️ Yes

Complexity: LOW

Simple packet crafting required. The vulnerability is reliably triggerable via network packets.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Latest version from GitLab repository

Vendor Advisory: https://gitlab.com/d3tn/ud3tn/-/issues/255

Restart Required: Yes

Instructions:

1. Pull latest code from GitLab repository. 2. Rebuild µD3TN from source. 3. Stop current µD3TN service. 4. Replace binary with newly built version. 5. Restart service.

🔧 Temporary Workarounds

Network Filtering

all

Block or filter packets containing non-singleton destination Endpoint Identifiers at network perimeter.

Service Monitoring and Auto-restart

linux

Implement monitoring to detect µD3TN crashes and automatically restart the service.

systemctl enable ud3tn
systemctl start ud3tn

🧯 If You Can't Patch

Implement strict network access controls to limit who can communicate with µD3TN instances.
Deploy intrusion detection systems to monitor for exploitation attempts and alert on service crashes.

🔍 How to Verify

Check if Vulnerable:

Check µD3TN version against GitLab repository. If running any version prior to the fix commit, system is vulnerable.

Check Version:

ud3tn --version or check build timestamp/git commit hash

Verify Fix Applied:

After patching, test by sending crafted packets with non-singleton destination Endpoint Identifiers and verify service remains stable.

📡 Detection & Monitoring

Log Indicators:

µD3TN process crashes
Segmentation fault errors in system logs
Service restart events

Network Indicators:

Unusual packets to µD3TN port with malformed endpoint identifiers
Spike in connection attempts followed by service unavailability

SIEM Query:

source="systemd" AND "ud3tn" AND ("segmentation fault" OR "crash" OR "SIGSEGV")

📊 Metadata

CVE ID: CVE-2025-8183

CVSS v3 Score: 7.5 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE: CWE-476

EPSS Score: 0.24% exploit probability (47.4th percentile)

Published: July 25, 2025

Last Updated: August 11, 2025

🔗 References

https://gitlab.com/d3tn/ud3tn/-/issues/255 Exploit,Issue Tracking

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-8183, you might also want to check these: