Eclipse ThreadX NetX Duo HTTP server single PUT request integer underflow

In NetX Duo component HTTP server functionality of Eclipse ThreadX NetX Duo before version 6.4.3, an attacker can cause an integer underflow and a subsequent denial of service by writing a very large file, by specially crafted packets with Content-Length smaller than the data request size. A possible workaround is to disable HTTP PUT support. This issue follows an uncomplete fix in CVE-2025-0728.

N/A

整数下溢(超界折返)

Eclipse ThreadX NetX Duo 安全漏洞

Eclipse ThreadX NetX Duo是Eclipse ThreadX开源的一个 IPv4 和 IPv6 双重网络堆栈。 Eclipse ThreadX NetX Duo 6.4.3之前版本存在安全漏洞，该漏洞源于整数下溢，可能导致拒绝服务。

N/A

N/A