CVE-2024-2452

In Eclipse ThreadX NetX Duo before 6.4.0, if an attacker can control parameters of portablealignedalloc could cause an integer wrap-around and an allocation smaller than expected. This could cause subsequent heap buffer overflows...

CVE-2024-2214

In Eclipse ThreadX before version 6.4.0, the Mtxinit function in the Xtensa port was missing an array size check causing a memory overwrite. The affected file was ports/xtensa/xcc/src/txcliblock.c...

CVE-2024-2452

In Eclipse ThreadX NetX Duo before 6.4.0, if an attacker can control parameters of portablealignedalloc could cause an integer wrap-around and an allocation smaller than expected. This could cause subsequent heap buffer overflows...

CVE-2024-2212

Summary: CVE-2024-2212 affects Eclipse ThreadX prior to 6.4.0 due to missing parameter checks in the FreeRTOS compatibility API functions xQueueCreate() and xQueueCreateSet() (utility/rtos_compatibility_layers/FreeRTOS/tx_freertos.c). This can cause integer wraparound, under-allocations, and heap...

CVE-2024-2212 Integer wraparounds, under-allocations, and heap buffer overflows in Eclipse ThreadX xQueueCreate() and xQueueCreateSet()

In Eclipse ThreadX before 6.4.0, xQueueCreate and xQueueCreateSet functions from the FreeRTOS compatibility API utility/rtoscompatibilitylayers/FreeRTOS/txfreertos.c were missing parameter checks. This could lead to integer wraparound, under-allocations and heap buffer overflows...

CVE-2024-2214 Missing array size check in _Mtxinit() in the Xtensa port

In Eclipse ThreadX before version 6.4.0, the Mtxinit function in the Xtensa port was missing an array size check causing a memory overwrite. The affected file was ports/xtensa/xcc/src/txcliblock.c...

CVE-2024-2452 Integer wraparound, under-allocation, and heap buffer overflow in Eclipse ThreadX NetX Duo __portable_aligned_alloc()

In Eclipse ThreadX NetX Duo before 6.4.0, if an attacker can control parameters of portablealignedalloc could cause an integer wrap-around and an allocation smaller than expected. This could cause subsequent heap buffer overflows...

CVE-2024-2452 Integer wraparound, under-allocation, and heap buffer overflow in Eclipse ThreadX NetX Duo __portable_aligned_alloc()

In Eclipse ThreadX NetX Duo before 6.4.0, if an attacker can control parameters of portablealignedalloc could cause an integer wrap-around and an allocation smaller than expected. This could cause subsequent heap buffer overflows...

Eclipse ThreadX RTOS 输入验证错误漏洞

Eclipse ThreadX RTOS is an advanced real-time operating system RTOS from Eclipse ThreadX designed for deeply embedded applications. A security vulnerability exists in Eclipse ThreadX RTOS versions prior to 6.4.0, which stems from a buffer overflow vulnerability due to a lack of parameter checking...

PT-2024-19226 · Unknown · Eclipse Threadx

Name of the Vulnerable Software and Affected Versions: Eclipse ThreadX versions prior to 6.4.0 Description: The issue is related to a missing array size check in the Mtxinit function within the Xtensa port of Eclipse ThreadX, causing a memory overwrite. The affected file is ports/xtensa/xcc/src/t...

Eclipse ThreadX NetX Duo 输入验证错误漏洞

Eclipse ThreadX NetX Duo is an IPv4 and IPv6 dual network stack for Eclipse ThreadX open source. A security vulnerability exists in Eclipse ThreadX NetX Duo versions prior to 6.4.0, which stems from a vulnerability that allows attackers to cause a buffer overflow via the function...