Eclipse ThreadX NetX Duo 安全漏洞

Eclipse ThreadX NetX Duo is an IPv4 and IPv6 dual network stack for Eclipse ThreadX open source. A security vulnerability exists in Eclipse ThreadX NetX Duo prior to version 6.4.2, which stems from an issue included in the NetX HTTP server functionality that could lead to a denial of service...

Eclipse ThreadX NetX Duo 安全漏洞

Eclipse ThreadX NetX Duo is an IPv4 and IPv6 dual network stack for Eclipse ThreadX open source. A security vulnerability exists in Eclipse ThreadX NetX Duo prior to version 6.4.2, which stems from a buffer overflow issue included in the NetX HTTP server functionality...

PT-2025-7469 · Eclipse · Eclipse Threadx Netx Duo

Name of the Vulnerable Software and Affected Versions: Eclipse ThreadX NetX Duo versions prior to 6.4.2 Description: The issue allows an attacker to cause an integer underflow and a subsequent denial of service by writing a very large file or by sending specially crafted packets with Content-Leng...

Eclipse ThreadX NetX Duo 安全漏洞

Eclipse ThreadX NetX Duo is an IPv4 and IPv6 dual network stack for Eclipse ThreadX open source. A security vulnerability exists in Eclipse ThreadX NetX Duo prior to version 6.4.2, which stems from a buffer overflow issue included in the NetX HTTP server functionality...

PT-2025-7468 · Eclipse · Eclipse Threadx Netx Duo

Name of the Vulnerable Software and Affected Versions: Eclipse ThreadX NetX Duo versions prior to 6.4.2 Description: The issue is related to the NetX HTTP server functionality, where an attacker can cause a denial of service by sending specially crafted packets. This is due to a missing closing o...

PT-2025-7470 · Eclipse · Eclipse Threadx Netx Duo

Name of the Vulnerable Software and Affected Versions: Eclipse ThreadX NetX Duo versions prior to 6.4.2 Description: The issue allows an attacker to cause an integer underflow and a subsequent denial of service by writing a very large file or by sending specially crafted packets with Content-Leng...

CVE-2024-2212

In Eclipse ThreadX before 6.4.0, xQueueCreate and xQueueCreateSet functions from the FreeRTOS compatibility API utility/rtoscompatibilitylayers/FreeRTOS/txfreertos.c were missing parameter checks. This could lead to integer wraparound, under-allocations and heap buffer overflows...

Eclipse ThreadX Buffer Overflows

-- HNS-2024-06 - HN Security Advisory - https://security.humanativaspa.it/ Title: Multiple vulnerabilities in Eclipse ThreadX OS: Eclipse ThreadX Date: 2024-05-28 CVE IDs and severity: CVE-2024-2214 - High - 7.0 - CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2024-2212 - High - 7.3 -...

CVE-2024-2212

In Eclipse ThreadX before 6.4.0, xQueueCreate and xQueueCreateSet functions from the FreeRTOS compatibility API utility/rtoscompatibilitylayers/FreeRTOS/txfreertos.c were missing parameter checks. This could lead to integer wraparound, under-allocations and heap buffer overflows...

CVE-2024-2212

In Eclipse ThreadX before 6.4.0, xQueueCreate and xQueueCreateSet functions from the FreeRTOS compatibility API utility/rtoscompatibilitylayers/FreeRTOS/txfreertos.c were missing parameter checks. This could lead to integer wraparound, under-allocations and heap buffer overflows...

CVE-2024-2452

In Eclipse ThreadX NetX Duo before 6.4.0, if an attacker can control parameters of portablealignedalloc could cause an integer wrap-around and an allocation smaller than expected. This could cause subsequent heap buffer overflows...

CVE-2024-2214

In Eclipse ThreadX before version 6.4.0, the Mtxinit function in the Xtensa port was missing an array size check causing a memory overwrite. The affected file was ports/xtensa/xcc/src/txcliblock.c...

CVE-2024-2452

In Eclipse ThreadX NetX Duo before 6.4.0, if an attacker can control parameters of portablealignedalloc could cause an integer wrap-around and an allocation smaller than expected. This could cause subsequent heap buffer overflows...

CVE-2024-2214

In Eclipse ThreadX before version 6.4.0, the Mtxinit function in the Xtensa port was missing an array size check causing a memory overwrite. The affected file was ports/xtensa/xcc/src/txcliblock.c...

CVE-2024-2212

Summary: CVE-2024-2212 affects Eclipse ThreadX prior to 6.4.0 due to missing parameter checks in the FreeRTOS compatibility API functions xQueueCreate() and xQueueCreateSet() (utility/rtos_compatibility_layers/FreeRTOS/tx_freertos.c). This can cause integer wraparound, under-allocations, and heap...

CVE-2024-2212 Integer wraparounds, under-allocations, and heap buffer overflows in Eclipse ThreadX xQueueCreate() and xQueueCreateSet()

In Eclipse ThreadX before 6.4.0, xQueueCreate and xQueueCreateSet functions from the FreeRTOS compatibility API utility/rtoscompatibilitylayers/FreeRTOS/txfreertos.c were missing parameter checks. This could lead to integer wraparound, under-allocations and heap buffer overflows...

CVE-2024-2214 Missing array size check in _Mtxinit() in the Xtensa port

In Eclipse ThreadX before version 6.4.0, the Mtxinit function in the Xtensa port was missing an array size check causing a memory overwrite. The affected file was ports/xtensa/xcc/src/txcliblock.c...

CVE-2024-2214 Missing array size check in _Mtxinit() in the Xtensa port

In Eclipse ThreadX before version 6.4.0, the Mtxinit function in the Xtensa port was missing an array size check causing a memory overwrite. The affected file was ports/xtensa/xcc/src/txcliblock.c...

CVE-2024-2214

CVE-2024-2214 affects Eclipse ThreadX, specifically the Xtensa port. The vulnerability arises from an ineffective array size check in the _Mtxinit() function, leading to a memory overwrite in ports/xtensa/xcc/src/tx_clib_lock.c. It applies to ThreadX versions prior to 6.4.0. The available documen...

CVE-2024-2452 Integer wraparound, under-allocation, and heap buffer overflow in Eclipse ThreadX NetX Duo __portable_aligned_alloc()

In Eclipse ThreadX NetX Duo before 6.4.0, if an attacker can control parameters of portablealignedalloc could cause an integer wrap-around and an allocation smaller than expected. This could cause subsequent heap buffer overflows...