CNNVD-202510-2429 Information

CNNVD ID

CNNVD-202510-2429

Related CVE

CVE-2025-55096

• CNNVD Published: 2025-10-17

Description (Chinese)

Eclipse ThreadX USBX是Eclipse ThreadX开源的一个USB主机、设备和移动嵌入式堆栈。 Eclipse ThreadX USBX 6.4.3之前版本存在数字错误漏洞，该漏洞源于解析USB HID设备描述符时可能出现越界读取。

Description (English)

Eclipse ThreadX USBX is a USB host, device and mobile embedded stack from Eclipse ThreadX open source. Eclipse ThreadX USBX 6.4.3 has a digital error loophole, which arises from the possibility of cross-border reading when decrypting the USB HID device description.

Hazard Level

High

Vulnerability Type

数字错误

Affected Vendor

Eclipse ThreadX

Published

2025-10-17

Last Modified

2026-02-24

References

https://github.com/eclipse-threadx/usbx/security/advisories/GHSA-8m9v-jvjp-gmxq https://access.redhat.com/security/cve/cve-2025-55096

Patch

https://github.com/eclipse-threadx/usbx/releases