HIGH🇵🇱 Wersja polska

CVE-2024-2214

CVSS 7.0v3.1pub. 2024-03-26upd. 2025-02-13

In Eclipse ThreadX before version 6.4.0, the _Mtxinit() function in the Xtensa port was missing an array size check causing a memory overwrite. The affected file was ports/xtensa/xcc/src/tx_clib_lock.c

CVSS Vector
CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
  • Eclipse Threadx

    APP
    Eclipse
    < 6.4.0
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2026-0648HIGH7.8ten sam produkt

The vulnerability stems from an incorrect error-checking logic in the CreateCounter() function (in threadx/uti...

CVE-2025-55080HIGH7.2ten sam produkt

In Eclipse ThreadX before 6.4.3, when memory protection is enabled, syscall parameters verification wasn't eno...

CVE-2024-2212HIGH7.3ten sam produkt

In Eclipse ThreadX before 6.4.0, xQueueCreate() and xQueueCreateSet() functions from the FreeRTOS compatibil...

CVE-2025-55079MEDIUM5.7ten sam produkt

In Eclipse ThreadX before version 6.4.3, the thread module has a setting of maximum priority. In some cases th...

CVE-2025-55078MEDIUM5.7ten sam produkt

In Eclipse ThreadX before version 6.4.3, an attacker can cause a denial of service (crash) by providing a poin...