17 vulnerabilities by rt-thread
CVE-2025-6693 (GCVE-0-2025-6693)
Vulnerability from cvelistv5 – Published: 2025-06-26 13:00 – Updated: 2025-06-26 13:21
Title
RT-Thread device.c sys_device_write memory corruption
Summary
A vulnerability, which was classified as critical, was found in RT-Thread up to 5.1.0. This affects the function sys_device_open/sys_device_read/sys_device_control/sys_device_init/sys_device_close/sys_device_write of the file components/drivers/core/device.c. The manipulation leads to memory corruption. It is possible to launch the attack on the local host. The vendor was contacted early about this disclosure but did not respond in any way.
Severity
CWE
- CWE-119 - Memory Corruption
Assigner
References
Credits
Zephyr Saxon (VulDB User)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-6693",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-26T13:21:32.765112Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-26T13:21:53.779Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "RT-Thread",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "5.0"
},
{
"status": "affected",
"version": "5.1.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Zephyr Saxon (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as critical, was found in RT-Thread up to 5.1.0. This affects the function sys_device_open/sys_device_read/sys_device_control/sys_device_init/sys_device_close/sys_device_write of the file components/drivers/core/device.c. The manipulation leads to memory corruption. It is possible to launch the attack on the local host. The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "de",
"value": "Es wurde eine kritische Schwachstelle in RT-Thread bis 5.1.0 gefunden. Betroffen hiervon ist die Funktion sys_device_open/sys_device_read/sys_device_control/sys_device_init/sys_device_close/sys_device_write der Datei components/drivers/core/device.c. Durch Manipulieren mit unbekannten Daten kann eine memory corruption-Schwachstelle ausgenutzt werden. Der Angriff muss lokal erfolgen."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 8.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:X/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:X/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 6.8,
"vectorString": "AV:L/AC:L/Au:S/C:C/I:C/A:C/E:ND/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "Memory Corruption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-26T13:00:15.142Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-313959 | RT-Thread device.c sys_device_write memory corruption",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.313959"
},
{
"name": "VDB-313959 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.313959"
},
{
"name": "Submit #595813 | RT-Thread 5.1.0 Code Injection",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.595813"
},
{
"name": "Submit #595814 | RT-Thread 5.1.0 Insufficient Control Flow Management (Duplicate)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.595814"
},
{
"name": "Submit #595827 | RT-Thread 5.1.0 Improper Handling of Parameters (Duplicate)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.595827"
},
{
"name": "Submit #595869 | RT-Thread 5.1.0 Improper Handling of Parameters (Duplicate)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.595869"
},
{
"name": "Submit #595870 | RT-Thread 5.1.0 Improper Handling of Parameters (Duplicate)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.595870"
},
{
"name": "Submit #595871 | RT-Thread 5.1.0 Improper Handling of Parameters (Duplicate)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.595871"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/RT-Thread/rt-thread/issues/10387"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-06-26T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-06-26T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-06-26T09:16:41.000Z",
"value": "VulDB entry last update"
}
],
"title": "RT-Thread device.c sys_device_write memory corruption"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-6693",
"datePublished": "2025-06-26T13:00:15.142Z",
"dateReserved": "2025-06-26T07:11:34.580Z",
"dateUpdated": "2025-06-26T13:21:53.779Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-5869 (GCVE-0-2025-5869)
Vulnerability from cvelistv5 – Published: 2025-06-09 08:31 – Updated: 2025-06-09 18:03
Title
RT-Thread lwp_syscall.c sys_recvfrom memory corruption
Summary
A vulnerability, which was classified as critical, was found in RT-Thread 5.1.0. Affected is the function sys_recvfrom of the file rt-thread/components/lwp/lwp_syscall.c. The manipulation of the argument from leads to memory corruption.
Severity
CWE
- CWE-119 - Memory Corruption
Assigner
References
Credits
Zephyr Saxon (VulDB User)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-5869",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-09T18:03:25.288081Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-09T18:03:36.632Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "RT-Thread",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "5.1.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Zephyr Saxon (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as critical, was found in RT-Thread 5.1.0. Affected is the function sys_recvfrom of the file rt-thread/components/lwp/lwp_syscall.c. The manipulation of the argument from leads to memory corruption."
},
{
"lang": "de",
"value": "Es wurde eine Schwachstelle in RT-Thread 5.1.0 gefunden. Sie wurde als kritisch eingestuft. Dabei betrifft es die Funktion sys_recvfrom der Datei rt-thread/components/lwp/lwp_syscall.c. Durch das Beeinflussen des Arguments from mit unbekannten Daten kann eine memory corruption-Schwachstelle ausgenutzt werden."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:X/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:X/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 7.7,
"vectorString": "AV:A/AC:L/Au:S/C:C/I:C/A:C/E:ND/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "Memory Corruption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-09T08:31:05.517Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-311628 | RT-Thread lwp_syscall.c sys_recvfrom memory corruption",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.311628"
},
{
"name": "VDB-311628 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.311628"
},
{
"name": "Submit #584135 | RT-Thread 5.1.0 Improper Handling of Parameters",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.584135"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/RT-Thread/rt-thread/issues/10304"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-06-08T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-06-08T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-06-08T19:41:48.000Z",
"value": "VulDB entry last update"
}
],
"title": "RT-Thread lwp_syscall.c sys_recvfrom memory corruption"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-5869",
"datePublished": "2025-06-09T08:31:05.517Z",
"dateReserved": "2025-06-08T17:36:37.668Z",
"dateUpdated": "2025-06-09T18:03:36.632Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-5868 (GCVE-0-2025-5868)
Vulnerability from cvelistv5 – Published: 2025-06-09 08:00 – Updated: 2025-06-09 18:08
Title
RT-Thread lwp_syscall.c sys_thread_sigprocmask array index
Summary
A vulnerability, which was classified as critical, has been found in RT-Thread 5.1.0. This issue affects the function sys_thread_sigprocmask of the file rt-thread/components/lwp/lwp_syscall.c. The manipulation of the argument how leads to improper validation of array index.
Severity
Assigner
References
Credits
Zephyr Saxon (VulDB User)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-5868",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-09T18:07:59.373679Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-09T18:08:06.475Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "RT-Thread",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "5.1.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Zephyr Saxon (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as critical, has been found in RT-Thread 5.1.0. This issue affects the function sys_thread_sigprocmask of the file rt-thread/components/lwp/lwp_syscall.c. The manipulation of the argument how leads to improper validation of array index."
},
{
"lang": "de",
"value": "Eine Schwachstelle wurde in RT-Thread 5.1.0 entdeckt. Sie wurde als kritisch eingestuft. Dies betrifft die Funktion sys_thread_sigprocmask der Datei rt-thread/components/lwp/lwp_syscall.c. Durch Manipulieren des Arguments how mit unbekannten Daten kann eine improper validation of array index-Schwachstelle ausgenutzt werden."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:X/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:X/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 7.4,
"vectorString": "AV:A/AC:M/Au:S/C:C/I:C/A:C/E:ND/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-129",
"description": "Improper Validation of Array Index",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "Memory Corruption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-09T08:00:17.129Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-311627 | RT-Thread lwp_syscall.c sys_thread_sigprocmask array index",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.311627"
},
{
"name": "VDB-311627 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.311627"
},
{
"name": "Submit #584130 | RT-Thread 5.1.0 Improper Handling of Parameters",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.584130"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/RT-Thread/rt-thread/issues/10303"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-06-08T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-06-08T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-06-08T19:41:46.000Z",
"value": "VulDB entry last update"
}
],
"title": "RT-Thread lwp_syscall.c sys_thread_sigprocmask array index"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-5868",
"datePublished": "2025-06-09T08:00:17.129Z",
"dateReserved": "2025-06-08T17:36:35.071Z",
"dateUpdated": "2025-06-09T18:08:06.475Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-5867 (GCVE-0-2025-5867)
Vulnerability from cvelistv5 – Published: 2025-06-09 07:31 – Updated: 2025-06-09 18:07
Title
RT-Thread lwp_syscall.c csys_sendto null pointer dereference
Summary
A vulnerability classified as critical was found in RT-Thread 5.1.0. This vulnerability affects the function csys_sendto of the file rt-thread/components/lwp/lwp_syscall.c. The manipulation of the argument to leads to null pointer dereference.
Severity
Assigner
References
Credits
Zephyr Saxon (VulDB User)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-5867",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-09T18:07:29.087776Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-09T18:07:33.138Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "RT-Thread",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "5.1.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Zephyr Saxon (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical was found in RT-Thread 5.1.0. This vulnerability affects the function csys_sendto of the file rt-thread/components/lwp/lwp_syscall.c. The manipulation of the argument to leads to null pointer dereference."
},
{
"lang": "de",
"value": "In RT-Thread 5.1.0 wurde eine Schwachstelle entdeckt. Sie wurde als kritisch eingestuft. Das betrifft die Funktion csys_sendto der Datei rt-thread/components/lwp/lwp_syscall.c. Durch das Manipulieren des Arguments to mit unbekannten Daten kann eine null pointer dereference-Schwachstelle ausgenutzt werden."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:X/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:X/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 7.7,
"vectorString": "AV:A/AC:L/Au:S/C:C/I:C/A:C/E:ND/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-404",
"description": "Denial of Service",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-09T07:31:04.833Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-311626 | RT-Thread lwp_syscall.c csys_sendto null pointer dereference",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.311626"
},
{
"name": "VDB-311626 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.311626"
},
{
"name": "Submit #584129 | RT-Thread 5.1.0 Improper Handling of Parameters",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.584129"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/RT-Thread/rt-thread/issues/10299"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-06-08T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-06-08T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-06-08T19:41:45.000Z",
"value": "VulDB entry last update"
}
],
"title": "RT-Thread lwp_syscall.c csys_sendto null pointer dereference"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-5867",
"datePublished": "2025-06-09T07:31:04.833Z",
"dateReserved": "2025-06-08T17:36:32.580Z",
"dateUpdated": "2025-06-09T18:07:33.138Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-5866 (GCVE-0-2025-5866)
Vulnerability from cvelistv5 – Published: 2025-06-09 07:00 – Updated: 2025-06-09 13:38
Title
RT-Thread lwp_syscall.c sys_sigprocmask array index
Summary
A vulnerability classified as critical has been found in RT-Thread 5.1.0. This affects the function sys_sigprocmask of the file rt-thread/components/lwp/lwp_syscall.c. The manipulation of the argument how leads to improper validation of array index.
Severity
Assigner
References
Credits
Zephyr Saxon (VulDB User)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-5866",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-09T13:36:55.654571Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-09T13:38:00.468Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "RT-Thread",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "5.1.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Zephyr Saxon (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical has been found in RT-Thread 5.1.0. This affects the function sys_sigprocmask of the file rt-thread/components/lwp/lwp_syscall.c. The manipulation of the argument how leads to improper validation of array index."
},
{
"lang": "de",
"value": "Es wurde eine Schwachstelle in RT-Thread 5.1.0 entdeckt. Sie wurde als kritisch eingestuft. Es betrifft die Funktion sys_sigprocmask der Datei rt-thread/components/lwp/lwp_syscall.c. Mittels Manipulieren des Arguments how mit unbekannten Daten kann eine improper validation of array index-Schwachstelle ausgenutzt werden."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:X/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:X/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 7.4,
"vectorString": "AV:A/AC:M/Au:S/C:C/I:C/A:C/E:ND/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-129",
"description": "Improper Validation of Array Index",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "Memory Corruption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-09T07:00:16.712Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-311625 | RT-Thread lwp_syscall.c sys_sigprocmask array index",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.311625"
},
{
"name": "VDB-311625 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.311625"
},
{
"name": "Submit #584127 | RT-Thread 5.1.0 Improper Handling of Parameters",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.584127"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/RT-Thread/rt-thread/issues/10300"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-06-08T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-06-08T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-06-08T19:41:44.000Z",
"value": "VulDB entry last update"
}
],
"title": "RT-Thread lwp_syscall.c sys_sigprocmask array index"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-5866",
"datePublished": "2025-06-09T07:00:16.712Z",
"dateReserved": "2025-06-08T17:36:29.825Z",
"dateUpdated": "2025-06-09T13:38:00.468Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-5865 (GCVE-0-2025-5865)
Vulnerability from cvelistv5 – Published: 2025-06-09 06:31 – Updated: 2025-06-09 13:22
Title
RT-Thread Parameter lwp_syscall.c sys_select memory corruption
Summary
A vulnerability was found in RT-Thread 5.1.0. It has been rated as critical. Affected by this issue is the function sys_select of the file rt-thread/components/lwp/lwp_syscall.c of the component Parameter Handler. The manipulation of the argument timeout leads to memory corruption. The vendor explains, that "[t]he timeout parameter should be checked to check if it can be accessed correctly in kernel mode and used temporarily in kernel memory."
Severity
CWE
- CWE-119 - Memory Corruption
Assigner
References
Credits
Zephyr Saxon (VulDB User)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-5865",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-09T13:22:32.917495Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-09T13:22:44.499Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/RT-Thread/rt-thread/issues/10298"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"Parameter Handler"
],
"product": "RT-Thread",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "5.1.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Zephyr Saxon (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in RT-Thread 5.1.0. It has been rated as critical. Affected by this issue is the function sys_select of the file rt-thread/components/lwp/lwp_syscall.c of the component Parameter Handler. The manipulation of the argument timeout leads to memory corruption. The vendor explains, that \"[t]he timeout parameter should be checked to check if it can be accessed correctly in kernel mode and used temporarily in kernel memory.\""
},
{
"lang": "de",
"value": "Eine kritische Schwachstelle wurde in RT-Thread 5.1.0 ausgemacht. Hierbei geht es um die Funktion sys_select der Datei rt-thread/components/lwp/lwp_syscall.c der Komponente Parameter Handler. Mittels dem Manipulieren des Arguments timeout mit unbekannten Daten kann eine memory corruption-Schwachstelle ausgenutzt werden."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:X/RL:X/RC:C",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:X/RL:X/RC:C",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 7.7,
"vectorString": "AV:A/AC:L/Au:S/C:C/I:C/A:C/E:ND/RL:ND/RC:C",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "Memory Corruption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-09T06:31:23.530Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-311624 | RT-Thread Parameter lwp_syscall.c sys_select memory corruption",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.311624"
},
{
"name": "VDB-311624 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.311624"
},
{
"name": "Submit #584124 | RT-Thread 5.1.0 Improper Handling of Parameters",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.584124"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/RT-Thread/rt-thread/issues/10298"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/RT-Thread/rt-thread/issues/10298#issuecomment-2894952150"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-06-08T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-06-08T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-06-08T19:41:42.000Z",
"value": "VulDB entry last update"
}
],
"title": "RT-Thread Parameter lwp_syscall.c sys_select memory corruption"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-5865",
"datePublished": "2025-06-09T06:31:23.530Z",
"dateReserved": "2025-06-08T17:36:27.348Z",
"dateUpdated": "2025-06-09T13:22:44.499Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-1115 (GCVE-0-2025-1115)
Vulnerability from cvelistv5 – Published: 2025-02-08 10:00 – Updated: 2025-02-16 08:42
Title
RT-Thread lwp_syscall.c sys_timer_settime information disclosure
Summary
A vulnerability classified as problematic was found in RT-Thread up to 5.1.0. Affected by this vulnerability is the function sys_device_close/sys_device_control/sys_device_find/sys_device_init/sys_device_open/sys_device_read/sys_device_register/sys_device_write/sys_event_delete/sys_event_recv/sys_event_send/sys_mb_delete/sys_mb_recv/sys_mb_send/sys_mb_send_wait/sys_mq_recv/sys_mq_send/sys_mq_urgent/sys_mutex_delete/sys_mutex_release/sys_mutex_take/sys_rt_timer_control/sys_rt_timer_delete/sys_rt_timer_start/sys_rt_timer_stop/sys_sem_delete/sys_sem_release/sys_sem_take/sys_shmat/sys_shmdt/sys_thread_create/sys_thread_delete/sys_thread_startup/sys_timer_delete/sys_timer_gettime/sys_timer_settime of the file rt-thread/components/lwp/lwp_syscall.c. The manipulation of the argument arg[0] leads to information disclosure. An attack has to be approached locally.
Severity
Assigner
References
Credits
Zephyr Saxon (VulDB User)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-1115",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-10T13:42:41.991336Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-12T20:51:43.167Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "RT-Thread",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "5.0"
},
{
"status": "affected",
"version": "5.1"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Zephyr Saxon (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as problematic was found in RT-Thread up to 5.1.0. Affected by this vulnerability is the function sys_device_close/sys_device_control/sys_device_find/sys_device_init/sys_device_open/sys_device_read/sys_device_register/sys_device_write/sys_event_delete/sys_event_recv/sys_event_send/sys_mb_delete/sys_mb_recv/sys_mb_send/sys_mb_send_wait/sys_mq_recv/sys_mq_send/sys_mq_urgent/sys_mutex_delete/sys_mutex_release/sys_mutex_take/sys_rt_timer_control/sys_rt_timer_delete/sys_rt_timer_start/sys_rt_timer_stop/sys_sem_delete/sys_sem_release/sys_sem_take/sys_shmat/sys_shmdt/sys_thread_create/sys_thread_delete/sys_thread_startup/sys_timer_delete/sys_timer_gettime/sys_timer_settime of the file rt-thread/components/lwp/lwp_syscall.c. The manipulation of the argument arg[0] leads to information disclosure. An attack has to be approached locally."
},
{
"lang": "de",
"value": "In RT-Thread bis 5.1.0 wurde eine problematische Schwachstelle entdeckt. Das betrifft die Funktion sys_device_close/sys_device_control/sys_device_find/sys_device_init/sys_device_open/sys_device_read/sys_device_register/sys_device_write/sys_event_delete/sys_event_recv/sys_event_send/sys_mb_delete/sys_mb_recv/sys_mb_send/sys_mb_send_wait/sys_mq_recv/sys_mq_send/sys_mq_urgent/sys_mutex_delete/sys_mutex_release/sys_mutex_take/sys_rt_timer_control/sys_rt_timer_delete/sys_rt_timer_start/sys_rt_timer_stop/sys_sem_delete/sys_sem_release/sys_sem_take/sys_shmat/sys_shmdt/sys_thread_create/sys_thread_delete/sys_thread_startup/sys_timer_delete/sys_timer_gettime/sys_timer_settime der Datei rt-thread/components/lwp/lwp_syscall.c. Dank Manipulation des Arguments arg[0] mit unbekannten Daten kann eine information disclosure-Schwachstelle ausgenutzt werden. Der Angriff muss lokal angegangen werden."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 1.7,
"vectorString": "AV:L/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "Information Disclosure",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "Improper Access Controls",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-16T08:42:23.595Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-295021 | RT-Thread lwp_syscall.c sys_timer_settime information disclosure",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.295021"
},
{
"name": "VDB-295021 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.295021"
},
{
"name": "Submit #489903 | RT-Thread v5.1.0 Improper Handling of Parameters",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.489903"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/RT-Thread/rt-thread/issues/9877"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-02-07T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-02-07T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-02-16T09:46:08.000Z",
"value": "VulDB entry last update"
}
],
"title": "RT-Thread lwp_syscall.c sys_timer_settime information disclosure"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-1115",
"datePublished": "2025-02-08T10:00:11.339Z",
"dateReserved": "2025-02-07T16:27:34.781Z",
"dateUpdated": "2025-02-16T08:42:23.595Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-25389 (GCVE-0-2024-25389)
Vulnerability from cvelistv5 – Published: 2024-03-27 00:00 – Updated: 2025-11-04 18:29
Summary
RT-Thread through 5.0.2 generates random numbers with a weak algorithm of "seed = 214013L * seed + 2531011L; return (seed >> 16) & 0x7FFF;" in calc_random in drivers/misc/rt_random.c.
Severity
7.5 (High)
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:rt-thread:rt-thread:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "rt-thread",
"vendor": "rt-thread",
"versions": [
{
"lessThanOrEqual": "5.0.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-25389",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-02T18:20:50.298513Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-338",
"description": "CWE-338 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-06T14:29:25.933Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-04T18:29:22.347Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/RT-Thread/rt-thread/issues/8283"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/hnsecurity/vulns/blob/main/HNS-2024-05-rt-thread.txt"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.humanativaspa.it/multiple-vulnerabilities-in-rt-thread-rtos/"
},
{
"tags": [
"x_transferred"
],
"url": "https://seclists.org/fulldisclosure/2024/Mar/28"
},
{
"name": "[oss-security] 20240305 HNS-2024-05 - HN Security Advisory - Multiple vulnerabilities in RT-Thread RTOS",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/03/05/1"
},
{
"url": "http://seclists.org/fulldisclosure/2024/Mar/28"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "RT-Thread through 5.0.2 generates random numbers with a weak algorithm of \"seed = 214013L * seed + 2531011L; return (seed \u003e\u003e 16) \u0026 0x7FFF;\" in calc_random in drivers/misc/rt_random.c."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-01T18:11:25.266Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/RT-Thread/rt-thread/issues/8283"
},
{
"url": "https://github.com/hnsecurity/vulns/blob/main/HNS-2024-05-rt-thread.txt"
},
{
"url": "https://security.humanativaspa.it/multiple-vulnerabilities-in-rt-thread-rtos/"
},
{
"url": "https://seclists.org/fulldisclosure/2024/Mar/28"
},
{
"name": "[oss-security] 20240305 HNS-2024-05 - HN Security Advisory - Multiple vulnerabilities in RT-Thread RTOS",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2024/03/05/1"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-25389",
"datePublished": "2024-03-27T00:00:00.000Z",
"dateReserved": "2024-02-07T00:00:00.000Z",
"dateUpdated": "2025-11-04T18:29:22.347Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-25394 (GCVE-0-2024-25394)
Vulnerability from cvelistv5 – Published: 2024-03-27 00:00 – Updated: 2025-11-04 18:29
Summary
A buffer overflow occurs in utilities/ymodem/ry_sy.c in RT-Thread through 5.0.2 because of an incorrect sprintf call or a missing '\0' character.
Severity
4.3 (Medium)
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:rt-thread:rt-thread:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "rt-thread",
"vendor": "rt-thread",
"versions": [
{
"lessThanOrEqual": "5.0.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-25394",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-02T18:44:34.679642Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-20T16:02:38.444Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-04T18:29:28.394Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/RT-Thread/rt-thread/issues/8291"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/hnsecurity/vulns/blob/main/HNS-2024-05-rt-thread.txt"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.humanativaspa.it/multiple-vulnerabilities-in-rt-thread-rtos/"
},
{
"tags": [
"x_transferred"
],
"url": "https://seclists.org/fulldisclosure/2024/Mar/28"
},
{
"name": "[oss-security] 20240305 HNS-2024-05 - HN Security Advisory - Multiple vulnerabilities in RT-Thread RTOS",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/03/05/1"
},
{
"url": "http://seclists.org/fulldisclosure/2024/Mar/28"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A buffer overflow occurs in utilities/ymodem/ry_sy.c in RT-Thread through 5.0.2 because of an incorrect sprintf call or a missing \u0027\\0\u0027 character."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-01T18:11:22.104Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/RT-Thread/rt-thread/issues/8291"
},
{
"url": "https://github.com/hnsecurity/vulns/blob/main/HNS-2024-05-rt-thread.txt"
},
{
"url": "https://security.humanativaspa.it/multiple-vulnerabilities-in-rt-thread-rtos/"
},
{
"url": "https://seclists.org/fulldisclosure/2024/Mar/28"
},
{
"name": "[oss-security] 20240305 HNS-2024-05 - HN Security Advisory - Multiple vulnerabilities in RT-Thread RTOS",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2024/03/05/1"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-25394",
"datePublished": "2024-03-27T00:00:00.000Z",
"dateReserved": "2024-02-07T00:00:00.000Z",
"dateUpdated": "2025-11-04T18:29:28.394Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-24334 (GCVE-0-2024-24334)
Vulnerability from cvelistv5 – Published: 2024-03-27 00:00 – Updated: 2024-08-01 23:19
Summary
A heap buffer overflow occurs in dfs_v2 dfs_file in RT-Thread through 5.0.2.
Severity
8.4 (High)
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:rt-thread:rt-thread:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "rt-thread",
"vendor": "rt-thread",
"versions": [
{
"lessThanOrEqual": "5.0.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-24334",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-17T15:18:10.940122Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122 Heap-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-17T15:18:20.057Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T23:19:52.143Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/RT-Thread/rt-thread/issues/8282"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/RT-Thread/rt-thread/pull/8305"
},
{
"name": "20240313 HNS-2024-05 - HN Security Advisory - Multiple vulnerabilities in RT-Thread RTOS",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2024/Mar/28"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/hnsecurity/vulns/blob/main/HNS-2024-05-rt-thread.txt"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.humanativaspa.it/multiple-vulnerabilities-in-rt-thread-rtos/"
},
{
"name": "[oss-security] 20240305 HNS-2024-05 - HN Security Advisory - Multiple vulnerabilities in RT-Thread RTOS",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/03/05/1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A heap buffer overflow occurs in dfs_v2 dfs_file in RT-Thread through 5.0.2."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-01T18:11:23.694219",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/RT-Thread/rt-thread/issues/8282"
},
{
"url": "https://github.com/RT-Thread/rt-thread/pull/8305"
},
{
"name": "20240313 HNS-2024-05 - HN Security Advisory - Multiple vulnerabilities in RT-Thread RTOS",
"tags": [
"mailing-list"
],
"url": "http://seclists.org/fulldisclosure/2024/Mar/28"
},
{
"url": "https://github.com/hnsecurity/vulns/blob/main/HNS-2024-05-rt-thread.txt"
},
{
"url": "https://security.humanativaspa.it/multiple-vulnerabilities-in-rt-thread-rtos/"
},
{
"name": "[oss-security] 20240305 HNS-2024-05 - HN Security Advisory - Multiple vulnerabilities in RT-Thread RTOS",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2024/03/05/1"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-24334",
"datePublished": "2024-03-27T00:00:00",
"dateReserved": "2024-01-25T00:00:00",
"dateUpdated": "2024-08-01T23:19:52.143Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-25391 (GCVE-0-2024-25391)
Vulnerability from cvelistv5 – Published: 2024-03-27 00:00 – Updated: 2025-11-04 18:29
Summary
A stack buffer overflow occurs in libc/posix/ipc/mqueue.c in RT-Thread through 5.0.2.
Severity
8.4 (High)
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:rt-thread:rt-thread:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "rt-thread",
"vendor": "rt-thread",
"versions": [
{
"lessThanOrEqual": "5.0.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-25391",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-17T15:17:45.728872Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121 Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-17T15:17:48.075Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-04T18:29:24.811Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/RT-Thread/rt-thread/issues/8287"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/hnsecurity/vulns/blob/main/HNS-2024-05-rt-thread.txt"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.humanativaspa.it/multiple-vulnerabilities-in-rt-thread-rtos/"
},
{
"tags": [
"x_transferred"
],
"url": "https://seclists.org/fulldisclosure/2024/Mar/28"
},
{
"name": "[oss-security] 20240305 HNS-2024-05 - HN Security Advisory - Multiple vulnerabilities in RT-Thread RTOS",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/03/05/1"
},
{
"url": "http://seclists.org/fulldisclosure/2024/Mar/28"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A stack buffer overflow occurs in libc/posix/ipc/mqueue.c in RT-Thread through 5.0.2."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-01T18:11:28.369Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/RT-Thread/rt-thread/issues/8287"
},
{
"url": "https://github.com/hnsecurity/vulns/blob/main/HNS-2024-05-rt-thread.txt"
},
{
"url": "https://security.humanativaspa.it/multiple-vulnerabilities-in-rt-thread-rtos/"
},
{
"url": "https://seclists.org/fulldisclosure/2024/Mar/28"
},
{
"name": "[oss-security] 20240305 HNS-2024-05 - HN Security Advisory - Multiple vulnerabilities in RT-Thread RTOS",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2024/03/05/1"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-25391",
"datePublished": "2024-03-27T00:00:00.000Z",
"dateReserved": "2024-02-07T00:00:00.000Z",
"dateUpdated": "2025-11-04T18:29:24.811Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-24335 (GCVE-0-2024-24335)
Vulnerability from cvelistv5 – Published: 2024-03-27 00:00 – Updated: 2025-11-04 18:29
Summary
A heap buffer overflow occurs in the dfs_v2 romfs filesystem RT-Thread through 5.0.2.
Severity
8.4 (High)
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:rt-thread:rt-thread:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "rt-thread",
"vendor": "rt-thread",
"versions": [
{
"lessThanOrEqual": "5.0.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-24335",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-17T15:20:41.151866Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122 Heap-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-17T15:21:02.115Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-04T18:29:03.023Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/RT-Thread/rt-thread/issues/8271"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/RT-Thread/rt-thread/pull/8278"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/hnsecurity/vulns/blob/main/HNS-2024-05-rt-thread.txt"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.humanativaspa.it/multiple-vulnerabilities-in-rt-thread-rtos/"
},
{
"tags": [
"x_transferred"
],
"url": "https://seclists.org/fulldisclosure/2024/Mar/28"
},
{
"name": "[oss-security] 20240305 HNS-2024-05 - HN Security Advisory - Multiple vulnerabilities in RT-Thread RTOS",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/03/05/1"
},
{
"url": "http://seclists.org/fulldisclosure/2024/Mar/28"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A heap buffer overflow occurs in the dfs_v2 romfs filesystem RT-Thread through 5.0.2."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-01T18:11:15.797Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/RT-Thread/rt-thread/issues/8271"
},
{
"url": "https://github.com/RT-Thread/rt-thread/pull/8278"
},
{
"url": "https://github.com/hnsecurity/vulns/blob/main/HNS-2024-05-rt-thread.txt"
},
{
"url": "https://security.humanativaspa.it/multiple-vulnerabilities-in-rt-thread-rtos/"
},
{
"url": "https://seclists.org/fulldisclosure/2024/Mar/28"
},
{
"name": "[oss-security] 20240305 HNS-2024-05 - HN Security Advisory - Multiple vulnerabilities in RT-Thread RTOS",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2024/03/05/1"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-24335",
"datePublished": "2024-03-27T00:00:00.000Z",
"dateReserved": "2024-01-25T00:00:00.000Z",
"dateUpdated": "2025-11-04T18:29:03.023Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-25392 (GCVE-0-2024-25392)
Vulnerability from cvelistv5 – Published: 2024-03-27 00:00 – Updated: 2025-11-04 18:29
Summary
An out-of-bounds access occurs in utilities/var_export/var_export.c in RT-Thread through 5.0.2.
Severity
5.9 (Medium)
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:utilities_project:utilities:*:*:*:*:*:node.js:*:*"
],
"defaultStatus": "unknown",
"product": "utilities",
"vendor": "utilities_project",
"versions": [
{
"status": "affected",
"version": "*"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-25392",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-02T18:13:13.155266Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:35:13.468Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-04T18:29:26.057Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/RT-Thread/rt-thread/issues/8290"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/hnsecurity/vulns/blob/main/HNS-2024-05-rt-thread.txt"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.humanativaspa.it/multiple-vulnerabilities-in-rt-thread-rtos/"
},
{
"tags": [
"x_transferred"
],
"url": "https://seclists.org/fulldisclosure/2024/Mar/28"
},
{
"name": "[oss-security] 20240305 HNS-2024-05 - HN Security Advisory - Multiple vulnerabilities in RT-Thread RTOS",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/03/05/1"
},
{
"url": "http://seclists.org/fulldisclosure/2024/Mar/28"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds access occurs in utilities/var_export/var_export.c in RT-Thread through 5.0.2."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-01T18:11:17.385Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/RT-Thread/rt-thread/issues/8290"
},
{
"url": "https://github.com/hnsecurity/vulns/blob/main/HNS-2024-05-rt-thread.txt"
},
{
"url": "https://security.humanativaspa.it/multiple-vulnerabilities-in-rt-thread-rtos/"
},
{
"url": "https://seclists.org/fulldisclosure/2024/Mar/28"
},
{
"name": "[oss-security] 20240305 HNS-2024-05 - HN Security Advisory - Multiple vulnerabilities in RT-Thread RTOS",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2024/03/05/1"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-25392",
"datePublished": "2024-03-27T00:00:00.000Z",
"dateReserved": "2024-02-07T00:00:00.000Z",
"dateUpdated": "2025-11-04T18:29:26.057Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-25390 (GCVE-0-2024-25390)
Vulnerability from cvelistv5 – Published: 2024-03-27 00:00 – Updated: 2025-11-04 18:29
Summary
A heap buffer overflow occurs in finsh/msh_file.c and finsh/msh.c in RT-Thread through 5.0.2.
Severity
8.4 (High)
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:rt-thread:rt-thread:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "rt-thread",
"vendor": "rt-thread",
"versions": [
{
"lessThanOrEqual": "5.0.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-25390",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-17T15:13:37.732962Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122 Heap-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-17T15:15:52.871Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-04T18:29:23.566Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/RT-Thread/rt-thread/issues/8286"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/hnsecurity/vulns/blob/main/HNS-2024-05-rt-thread.txt"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.humanativaspa.it/multiple-vulnerabilities-in-rt-thread-rtos/"
},
{
"tags": [
"x_transferred"
],
"url": "https://seclists.org/fulldisclosure/2024/Mar/28"
},
{
"name": "[oss-security] 20240305 HNS-2024-05 - HN Security Advisory - Multiple vulnerabilities in RT-Thread RTOS",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/03/05/1"
},
{
"url": "http://seclists.org/fulldisclosure/2024/Mar/28"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A heap buffer overflow occurs in finsh/msh_file.c and finsh/msh.c in RT-Thread through 5.0.2."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-01T18:11:18.936Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/RT-Thread/rt-thread/issues/8286"
},
{
"url": "https://github.com/hnsecurity/vulns/blob/main/HNS-2024-05-rt-thread.txt"
},
{
"url": "https://security.humanativaspa.it/multiple-vulnerabilities-in-rt-thread-rtos/"
},
{
"url": "https://seclists.org/fulldisclosure/2024/Mar/28"
},
{
"name": "[oss-security] 20240305 HNS-2024-05 - HN Security Advisory - Multiple vulnerabilities in RT-Thread RTOS",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2024/03/05/1"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-25390",
"datePublished": "2024-03-27T00:00:00.000Z",
"dateReserved": "2024-02-07T00:00:00.000Z",
"dateUpdated": "2025-11-04T18:29:23.566Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-25395 (GCVE-0-2024-25395)
Vulnerability from cvelistv5 – Published: 2024-03-27 00:00 – Updated: 2025-11-04 18:29
Summary
A buffer overflow occurs in utilities/rt-link/src/rtlink.c in RT-Thread through 5.0.2.
Severity
8.8 (High)
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:rtthread:rtthread:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "rtthread",
"vendor": "rtthread",
"versions": [
{
"lessThanOrEqual": "5.0.2",
"status": "affected",
"version": "-",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-25395",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-01T20:55:20.993347Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:35:07.901Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-04T18:29:29.565Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/RT-Thread/rt-thread/issues/8289"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/hnsecurity/vulns/blob/main/HNS-2024-05-rt-thread.txt"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.humanativaspa.it/multiple-vulnerabilities-in-rt-thread-rtos/"
},
{
"tags": [
"x_transferred"
],
"url": "https://seclists.org/fulldisclosure/2024/Mar/28"
},
{
"name": "[oss-security] 20240305 HNS-2024-05 - HN Security Advisory - Multiple vulnerabilities in RT-Thread RTOS",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/03/05/1"
},
{
"url": "http://seclists.org/fulldisclosure/2024/Mar/28"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A buffer overflow occurs in utilities/rt-link/src/rtlink.c in RT-Thread through 5.0.2."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-01T18:11:20.504Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/RT-Thread/rt-thread/issues/8289"
},
{
"url": "https://github.com/hnsecurity/vulns/blob/main/HNS-2024-05-rt-thread.txt"
},
{
"url": "https://security.humanativaspa.it/multiple-vulnerabilities-in-rt-thread-rtos/"
},
{
"url": "https://seclists.org/fulldisclosure/2024/Mar/28"
},
{
"name": "[oss-security] 20240305 HNS-2024-05 - HN Security Advisory - Multiple vulnerabilities in RT-Thread RTOS",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2024/03/05/1"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-25395",
"datePublished": "2024-03-27T00:00:00.000Z",
"dateReserved": "2024-02-07T00:00:00.000Z",
"dateUpdated": "2025-11-04T18:29:29.565Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-25393 (GCVE-0-2024-25393)
Vulnerability from cvelistv5 – Published: 2024-03-27 00:00 – Updated: 2025-11-04 18:29
Summary
A stack buffer overflow occurs in net/at/src/at_server.c in RT-Thread through 5.0.2.
Severity
9.8 (Critical)
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:rt-thread:at_server:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "at_server",
"vendor": "rt-thread",
"versions": [
{
"lessThanOrEqual": "5.0.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-25393",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-26T19:00:05.322881Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121 Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-26T19:17:17.831Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-04T18:29:27.209Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/RT-Thread/rt-thread/issues/8288"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/hnsecurity/vulns/blob/main/HNS-2024-05-rt-thread.txt"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.humanativaspa.it/multiple-vulnerabilities-in-rt-thread-rtos/"
},
{
"tags": [
"x_transferred"
],
"url": "https://seclists.org/fulldisclosure/2024/Mar/28"
},
{
"name": "[oss-security] 20240305 HNS-2024-05 - HN Security Advisory - Multiple vulnerabilities in RT-Thread RTOS",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/03/05/1"
},
{
"url": "http://seclists.org/fulldisclosure/2024/Mar/28"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A stack buffer overflow occurs in net/at/src/at_server.c in RT-Thread through 5.0.2."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-01T18:11:14.188Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/RT-Thread/rt-thread/issues/8288"
},
{
"url": "https://github.com/hnsecurity/vulns/blob/main/HNS-2024-05-rt-thread.txt"
},
{
"url": "https://security.humanativaspa.it/multiple-vulnerabilities-in-rt-thread-rtos/"
},
{
"url": "https://seclists.org/fulldisclosure/2024/Mar/28"
},
{
"name": "[oss-security] 20240305 HNS-2024-05 - HN Security Advisory - Multiple vulnerabilities in RT-Thread RTOS",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2024/03/05/1"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-25393",
"datePublished": "2024-03-27T00:00:00.000Z",
"dateReserved": "2024-02-07T00:00:00.000Z",
"dateUpdated": "2025-11-04T18:29:27.209Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-25388 (GCVE-0-2024-25388)
Vulnerability from cvelistv5 – Published: 2024-03-27 00:00 – Updated: 2025-11-04 18:29
Summary
drivers/wlan/wlan_mgmt.c in RT-Thread through 5.0.2 has an integer signedness error and resultant buffer overflow.
Severity
8.4 (High)
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:rt-thread:rt-thread:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "rt-thread",
"vendor": "rt-thread",
"versions": [
{
"lessThanOrEqual": "5.0.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-25388",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-17T15:18:49.571005Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-195",
"description": "CWE-195 Signed to Unsigned Conversion Error",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-17T15:19:27.748Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-04T18:29:21.057Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/RT-Thread/rt-thread/issues/8285"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/hnsecurity/vulns/blob/main/HNS-2024-05-rt-thread.txt"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.humanativaspa.it/multiple-vulnerabilities-in-rt-thread-rtos/"
},
{
"tags": [
"x_transferred"
],
"url": "https://seclists.org/fulldisclosure/2024/Mar/28"
},
{
"name": "[oss-security] 20240305 HNS-2024-05 - HN Security Advisory - Multiple vulnerabilities in RT-Thread RTOS",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/03/05/1"
},
{
"url": "http://seclists.org/fulldisclosure/2024/Mar/28"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "drivers/wlan/wlan_mgmt,c in RT-Thread through 5.0.2 has an integer signedness error and resultant buffer overflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-01T18:11:26.812Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/RT-Thread/rt-thread/issues/8285"
},
{
"url": "https://github.com/hnsecurity/vulns/blob/main/HNS-2024-05-rt-thread.txt"
},
{
"url": "https://security.humanativaspa.it/multiple-vulnerabilities-in-rt-thread-rtos/"
},
{
"url": "https://seclists.org/fulldisclosure/2024/Mar/28"
},
{
"name": "[oss-security] 20240305 HNS-2024-05 - HN Security Advisory - Multiple vulnerabilities in RT-Thread RTOS",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2024/03/05/1"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-25388",
"datePublished": "2024-03-27T00:00:00.000Z",
"dateReserved": "2024-02-07T00:00:00.000Z",
"dateUpdated": "2025-11-04T18:29:21.057Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}