CVE-2024-25392

An out-of-bounds access occurs in utilities/varexport/varexport.c in RT-Thread through 5.0.2...

CVE-2024-25394

The CVE-2024-25394 issue affects RT-Thread RTOS up to version 5.0.2, specifically in utilities/ymodem/ry_sy.c, caused by an incorrect sprintf call or a missing '\0'. The buffer overflow is documented across multiple sources (NVD/Red Hat/OSV/CVE records) with no public exploit details provided in ...

RT-Thread 安全漏洞

RT-Thread is an open source IoT real-time operating system RTOS open-sourced by RT-Thread. RT-Thread suffers from a buffer overflow vulnerability that stems from the dfsv2 romfs file failing to properly validate the length size of input data, which can be exploited by remote attackers to execute...

CVE-2024-25393

A stack buffer overflow occurs in net/at/src/atserver.c in RT-Thread through 5.0.2...

CVE-2024-25391

A stack buffer overflow occurs in libc/posix/ipc/mqueue.c in RT-Thread through 5.0.2...

CVE-2024-25391

A stack buffer overflow occurs in libc/posix/ipc/mqueue.c in RT-Thread through 5.0.2...

RT-Thread 安全漏洞

RT-Thread is an open source IoT real-time operating system RTOS from RT-Thread Open Source. A security vulnerability exists in RT-Thread version 5.0.2, which stems from an out-of-bounds access in utilities/varexport/varexport.c. The vulnerability is caused by an out-of-bounds access in...

CVE-2024-24334

A heap buffer overflow occurs in dfsv2 dfsfile in RT-Thread through 5.0.2...

RT-Thread 安全漏洞

RT-Thread is an open source IoT real-time operating system RTOS from RT-Thread Open Source. A security vulnerability exists in RT-Thread version 5.0.2, which stems from a heap-based buffer overflow in finsh/mshfile.c and finsh/msh.c. The vulnerability is caused by the presence of a heap-based...

CVE-2024-25391

CVE-2024-25391 affects RT-Thread RTOS up to version 5.0.2, with a stack-based buffer overflow in libc/posix/ipc/mqueue.c. The CVE description from multiple sources confirms the issue is a stack overflow in that file, reported as a local-attack surface with high impact (confidentiality/integrity/a...

CVE-2024-25393

The CVE-2024-25393 entry concerns RT-Thread up to version 5.0.2, where a stack buffer overflow exists in net/at/src/at_server.c due to insufficient validation of input length. This vulnerability can enable remote attackers to execute arbitrary code or cause a denial of service. The CVSS score is ...

CVE-2024-24334

RT-Thread suffers a heap buffer overflow in dfs_v2 dfs_file (through version 5.0.2). The issue arises from improper validation of input data length in the dfs_v2/dfs_file path, enabling memory corruption that can lead to code execution or a denial of service. Affected software: RT-Thread RTOS; vu...

CVE-2024-24335

The CVE-2024-24335 entry describes a heap buffer overflow in RT-Thread’s dfs_v2 romfs filesystem (RT-Thread RTOS) affecting version 5.0.2 and earlier. The vulnerability stems from insufficient validation of input data length in the dfs_v2 romfs file handling, enabling a overflow of the heap. Repo...

CVE-2024-25394

A buffer overflow occurs in utilities/ymodem/rysy.c in RT-Thread through 5.0.2 because of an incorrect sprintf call or a missing '\0' character...

RT-Thread 安全漏洞

RT-Thread is an open source IoT real-time operating system RTOS from RT-Thread Open Source. A security vulnerability exists in RT-Thread version 5.0.2, which stems from an incorrect sprintf call or a missing "" character, resulting in a buffer overflow...

PT-2024-20920 · Rt-Thread · Rt-Thread

Name of the Vulnerable Software and Affected Versions: RT-Thread versions through 5.0.2 Description: A buffer overflow occurs in the utilities/rt-link/src/rtlink.c file. Recommendations: For RT-Thread versions through 5.0.2, update to a version that contains a fix for this issue. At the moment,...

PT-2024-20917 · Rt-Thread · Rt-Thread

Name of the Vulnerable Software and Affected Versions: RT-Thread versions through 5.0.2 Description: An out-of-bounds access occurs in utilities/var export/var export.c. Recommendations: For RT-Thread versions through 5.0.2, update to a version that fixes the out-of-bounds access issue in...

PT-2024-20913 · Rt-Thread · Rt-Thread

Name of the Vulnerable Software and Affected Versions: RT-Thread versions through 5.0.2 Description: The issue is related to a weak random number generation algorithm used in RT-Thread. The algorithm, defined as seed = 214013L seed + 2531011L; return seed 16 & 0x7FFF;, is implemented in the calc...

PT-2024-20915 · Rt-Thread · Rt-Thread

Name of the Vulnerable Software and Affected Versions: RT-Thread versions through 5.0.2 Description: A heap buffer overflow occurs in finsh/msh file.c and finsh/msh.c. Recommendations: For RT-Thread versions through 5.0.2, update to a version later than 5.0.2 to resolve the issue...

PT-2024-20918 · Rt-Thread · Rt-Thread

Name of the Vulnerable Software and Affected Versions: RT-Thread versions through 5.0.2 Description: A stack buffer overflow occurs in the net/at/src/at server.c file. Recommendations: For RT-Thread versions through 5.0.2, update to a version that contains a fix for this issue...