CVE-2024-2212
- Reference to the description:
- Description:
- In Eclipse ThreadX before 6.4.0, xQueueCreate() and xQueueCreateSet() functions from the FreeRTOS compatibility API (utility/rtos_compatibility_layers/FreeRTOS/tx_freertos.c) were missing parameter checks. This could lead to integer wraparound, under-allocations and heap buffer overflows.
- Last updated date:
- 02/06/2025
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 02/06/2025
- Reference url to background
https://github.com/eclipse-threadx/threadx/security/advisories/GHSA-v9jj-7qjg-h6g6