Vulnerability CVE-2024-2452


Published: 2024-03-26

Description:
In Eclipse ThreadX NetX Duo before 6.4.0, if an attacker can control
parameters of __portable_aligned_alloc() could cause an integer
wrap-around and an allocation smaller than expected. This could cause
subsequent heap buffer overflows.

See advisories in our WLB2 database:
Topic
Author
Date
High
Eclipse ThreadX Buffer Overflows
Marco Ivaldi
29.05.2024

Type:

CWE-119

(Improper Restriction of Operations within the Bounds of a Memory Buffer)

 References:
https://github.com/eclipse-threadx/netxduo/security/advisories/GHSA-h963-7vhw-8rpx

Copyright 2024, cxsecurity.com

 

Back to Top