CNNVD-202601-4538 Information

CNNVD ID

CNNVD-202601-4538

Related CVE

CVE-2025-55095

• CNNVD Published: 2026-01-27

Description (Chinese)

Eclipse ThreadX USBX是Eclipse ThreadX开源的一个USB主机、设备和移动嵌入式堆栈。 Eclipse ThreadX USBX存在安全漏洞，该漏洞源于_ux_host_class_storage_media_mount函数递归深度无限制，可能导致栈溢出。

Description (English)

Eclipse ThreadX USBX is a USB host, device and mobile embedded stack from Eclipse ThreadX open source. There is a security loophole in Eclipse ThreadX USBX, which originates from the unlimited Depth of the ux host class storage media mount function, which may result in a spill.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Eclipse ThreadX

Published

2026-01-27

Last Modified

2026-02-24

References

https://github.com/eclipse-threadx/usbx/security/advisories/GHSA-qfmp-wch9-rpv2 https://access.redhat.com/security/cve/cve-2025-55095

Patch

https://github.com/eclipse-threadx/usbx/releases