Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
RT-Thread Parameter lwp_syscall.c sys_select memory corruption
Vulnerability Description
A vulnerability was found in RT-Thread 5.1.0. It has been rated as critical. Affected by this issue is the function sys_select of the file rt-thread/components/lwp/lwp_syscall.c of the component Parameter Handler. The manipulation of the argument timeout leads to memory corruption. The vendor explains, that "[t]he timeout parameter should be checked to check if it can be accessed correctly in kernel mode and used temporarily in kernel memory."
CVSS Information
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
内存缓冲区边界内操作的限制不恰当
Vulnerability Title
RT-Thread 安全漏洞
Vulnerability Description
RT-Thread是RT-Thread开源的一个开源物联网实时操作系统(RTOS)。 RT-Thread 5.1.0版本存在安全漏洞,该漏洞源于文件rt-thread/components/lwp/lwp_syscall.c中参数timeout的操作导致内存损坏。
CVSS Information
N/A
Vulnerability Type
N/A