3 matches found
CVE-2024-2452
In Eclipse ThreadX NetX Duo prior to 6.4.0, an attacker who can control parameters of the __portable_aligned_alloc() function may trigger an integer wrap-around with an under-sized allocation, enabling subsequent heap buffer overflows. Affected software: Eclipse ThreadX NetX Duo (pre-6.4.0). Root...
CVE-2024-2452 Integer wraparound, under-allocation, and heap buffer overflow in Eclipse ThreadX NetX Duo __portable_aligned_alloc()
In Eclipse ThreadX NetX Duo before 6.4.0, if an attacker can control parameters of portablealignedalloc could cause an integer wrap-around and an allocation smaller than expected. This could cause subsequent heap buffer overflows...
Eclipse ThreadX NetX Duo 输入验证错误漏洞
Eclipse ThreadX NetX Duo is an IPv4 and IPv6 dual network stack for Eclipse ThreadX open source. A security vulnerability exists in Eclipse ThreadX NetX Duo versions prior to 6.4.0, which stems from a vulnerability that allows attackers to cause a buffer overflow via the function...