CNNVD-202510-2489 Information

CNNVD ID

CNNVD-202510-2489

Related CVE

CVE-2025-55085

• CNNVD Published: 2025-10-17

Description (Chinese)

Eclipse ThreadX NetX Duo是Eclipse ThreadX开源的一个 IPv4 和 IPv6 双重网络堆栈。 Eclipse ThreadX NetX Duo 6.4.4之前版本存在安全漏洞，该漏洞源于HTTP客户端模块中Eclipse Foundation ThreadX的网络支持代码缺少边界验证，可能导致未定义行为。

Description (English)

Eclipse ThreadX NetX Duo is a dual IPv4 and IPv6 network stack of Eclipse ThreadX open sources. Eclipse ThreadX NetX Duo 6.4.4 has a security loophole which stems from the lack of border verification of the network support code for Eclipse Foundation ThreadX in the HTTP client module, which may lead to undefined behaviour.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Eclipse ThreadX

Published

2025-10-17

Last Modified

2026-02-24

References

https://github.com/eclipse-threadx/netxduo/security/advisories/GHSA-9c77-rgp9-c2g2 https://access.redhat.com/security/cve/cve-2025-55085

Patch

https://github.com/eclipse-threadx/netxduo/releases