CNNVD-202510-2400 Information
CNNVD ID
CNNVD-202510-2400
Related CVE
- CNNVD Published: 2025-10-16
Description (Chinese)
Eclipse ThreadX NetX Duo是Eclipse ThreadX开源的一个 IPv4 和 IPv6 双重网络堆栈。 Eclipse ThreadX NetX Duo 6.4.4之前版本存在安全漏洞,该漏洞源于Eclipse Foundation ThreadX组件中_nx_secure_tls_proc_clienthello_supported_versions_extension函数的扩展版本字段边界检查不正确。
Description (English)
Eclipse ThreadX NetX Duo is a dual IPv4 and IPv6 network stack of Eclipse ThreadX open sources. There was a security loophole in the previous version of Eclipse ThreadX NetX Duo 6.4.4 from the incorrect border check of the extended version field of the Eclipse Foundation ThreadX component nx security tls proc clientthello supported versions extension.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Eclipse ThreadX
Published
2025-10-16
Last Modified
2026-02-24
References
https://github.com/eclipse-threadx/netxduo/security/advisories/GHSA-m474-39rw-v8gm
Patch
https://github.com/eclipse-threadx/netxduo/releases
Share on: