Lucene search

EclipseVULNRICHMENT:CVE-2024-2214

HistoryMar 26, 2024 - 3:48 p.m.

CVE-2024-2214 Missing array size check in _Mtxinit() in the Xtensa port

2024-03-2615:48:36

CWE-129

eclipse

github.com

cve-2024-2214

memory overwrite

threadx xtensa

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

7.2

Confidence

Low

SSVC

Exploitation

none

Automatable

Technical Impact

partial

JSON

In Eclipse ThreadX before version 6.4.0, the _Mtxinit() function in the
Xtensa port was missing an array size check causing a memory overwrite.
The affected file was ports/xtensa/xcc/src/tx_clib_lock.c

CNA Affected

[
  {
    "repo": "https://github.com/eclipse-threadx/threadx/",
    "vendor": "Eclipse Foundation",
    "product": "ThreadX",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "6.4.0",
        "versionType": "semver"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

References

seclists.org/fulldisclosure/2024/May/35

www.openwall.com/lists/oss-security/2024/05/28/1

github.com/eclipse-threadx/threadx/security/advisories/GHSA-vmp6-qhp9-r66x

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

7.2

Confidence

Low

SSVC

Exploitation

none

Automatable

Technical Impact

partial

JSON

Related for VULNRICHMENT:CVE-2024-2214