CNNVD-202510-2168 Information

CNNVD ID

CNNVD-202510-2168

Related CVE

CVE-2025-55082

• CNNVD Published: 2025-10-15

Description (Chinese)

Eclipse ThreadX NetX Duo是Eclipse ThreadX开源的一个 IPv4 和 IPv6 双重网络堆栈。 Eclipse ThreadX NetX Duo 6.4.4之前版本存在缓冲区错误漏洞，该漏洞源于缺少对用户消息中PSK长度的验证，可能导致越界读取。

Description (English)

Eclipse ThreadX NetX Duo is a dual IPv4 and IPv6 network stack of Eclipse ThreadX open sources. The previous version of Eclipse ThreadX NetX Duo 6.4.4 had an error loophole in the buffer zone, which stemmed from a lack of verification of PSK length in user messages, which could lead to cross-border reading.

Hazard Level

High

Vulnerability Type

缓冲区错误

Affected Vendor

Eclipse ThreadX

Published

2025-10-15

Last Modified

2026-02-24

References

https://github.com/eclipse-threadx/netxduo/security/advisories/GHSA-8h38-qjhh-mf2h https://access.redhat.com/security/cve/cve-2025-55082

Patch

https://github.com/eclipse-threadx/netxduo/releases