Description
An out-of-bounds memory access (OOB) in p2r3 Bareiron commit 8e4d40 allows unauthenticated attackers to access sensitive information and cause a Denial of Service (DoS) via supplying a crafted packet.
Published: 2026-03-16
Score: 9.1 Critical
EPSS: < 1% Very Low
KEV: No
Impact: Information Disclosure and Denial of Service
Action: Immediate Patch
AI Analysis

Impact

An out‑of‑bounds memory access in the p2r3 Bareiron project allows an unauthenticated attacker to supply crafted packets that trigger the vulnerability, resulting in reading sensitive memory contents outside the intended buffer and causing a denial of service when the application becomes unresponsive. This weakness corresponds to CWE‑125 (Out‑of‑Bounds Read).

Affected Systems

Affected product: p2r3 Bareiron. The vulnerability exists in commit 8e4d40; any release that incorporates this commit is impacted, with no specific version range listed.

Risk and Exploitability

The CVSS score is 9.1, which falls in the Critical range. EPSS is not available and the vulnerability is not listed in the KEV catalog. Exploitation does not require authentication and is likely achieved over the network by sending a specially crafted packet to the affected component. No patches or workarounds are publicly documented, so attackers could exploit this flaw on any exposed instance of the component.

Generated by OpenCVE AI on March 16, 2026 at 22:57 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update p2r3 Bareiron to a version that does not include commit 8e4d40.
  • If an update is unavailable, isolate the service from untrusted networks.
  • Apply any vendor‑supplied patches or security updates as soon as they become available.

Advisories

No advisories yet.

History

Tue, 24 Mar 2026 10:45:00 +0000

| Type | Values Removed | Values Added |
|---|---|---|
| Title | | Unauthenticated Out‑of‑Bounds Memory Access in p2r3 Bareiron Leading to Information Disclosure and DoS |

Tue, 17 Mar 2026 10:00:00 +0000

| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared | | P2r3; P2r3 bareiron |
| Vendors & Products | | P2r3; P2r3 bareiron |

Mon, 16 Mar 2026 20:15:00 +0000

| Type | Values Removed | Values Added |
|---|---|---|
| Weaknesses | | CWE-125 |
| Metrics | | cvssV3_1: {'score': 9.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H'}; ssvc: {'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'} |

Mon, 16 Mar 2026 19:00:00 +0000

| Type | Values Removed | Values Added |
|---|---|---|
| Description | | An out-of-bounds memory access (OOB) in p2r3 Bareiron commit 8e4d40 allows unauthenticated attackers to access sensitive information and cause a Denial of Service (DoS) via supplying a crafted packet. |
| References | | |

MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2026-03-16T19:52:03.880Z

Reserved: 2026-01-09T00:00:00.000Z

Link: CVE-2025-69808

Vulnrichment

Updated: 2026-03-16T19:51:32.588Z

NVD

Status: Awaiting Analysis

Published: 2026-03-16T19:16:14.850

Modified: 2026-03-17T14:20:01.670

Link: CVE-2025-69808

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-03-23T14:00:59Z

Weaknesses