CNNVD-202510-2421 Information

CNNVD ID

CNNVD-202510-2421

Related CVE

CVE-2025-55098

• CNNVD Published: 2025-10-17

Description (Chinese)

Eclipse ThreadX USBX是Eclipse ThreadX开源的一个USB主机、设备和移动嵌入式堆栈。 Eclipse ThreadX USBX 6.4.3之前版本存在缓冲区错误漏洞，该漏洞源于解析USB音频设备描述符时可能出现越界读取。

Description (English)

Eclipse ThreadX USBX is a USB host, device and mobile embedded stack from Eclipse ThreadX open source. The previous version of Eclipse ThreadX USBX 6.4.3 had an error loophole in the buffer zone, which stemmed from the possibility of cross-border reading when decrypting the USB audio device description.

Hazard Level

High

Vulnerability Type

缓冲区错误

Affected Vendor

Eclipse ThreadX

Published

2025-10-17

Last Modified

2026-02-24

References

https://github.com/eclipse-threadx/usbx/security/advisories/GHSA-4jc2-x5hv-46fq https://access.redhat.com/security/cve/cve-2025-55098

Patch

https://github.com/eclipse-threadx/usbx/releases