CNNVD-202510-2422 Information

CNNVD ID

CNNVD-202510-2422

Related CVE

CVE-2025-55100

• CNNVD Published: 2025-10-17

Description (Chinese)

Eclipse ThreadX USBX是Eclipse ThreadX开源的一个USB主机、设备和移动嵌入式堆栈。 Eclipse ThreadX USBX 6.4.3之前版本存在缓冲区错误漏洞，该漏洞源于解析采样频率列表时存在潜在越界读取问题。

Description (English)

Eclipse ThreadX USBX is a USB host, device and mobile embedded stack from Eclipse ThreadX open source. The previous version of Eclipse ThreadX USBX 6.4.3 had an error loophole in the buffer zone, which stemmed from a potential cross-border reading problem when deciphering the list of sampling frequencies.

Hazard Level

High

Vulnerability Type

缓冲区错误

Affected Vendor

Eclipse ThreadX

Published

2025-10-17

Last Modified

2026-02-24

References

https://github.com/eclipse-threadx/usbx/security/advisories/GHSA-j253-w29r-9m48 https://access.redhat.com/security/cve/cve-2025-55100

Patch

https://github.com/eclipse-threadx/usbx/releases