Eclipse Threadx
6 CVEs affecting Eclipse Threadx. Latest disclosed: 2026-01-27. Critical: 0, High: 4.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-0648 | High | 7.8 | 2026-01-27 | The vulnerability stems from an incorrect error-checking logic in the CreateCounter() function (in threadx/utility/rtos_compatibility_layers/OSEK/tx_osek.c) wh… |
CVE-2024-2212 | High | 7.3 | 2024-03-26 | In Eclipse ThreadX before 6.4.0, xQueueCreate() and xQueueCreateSet() functions from the FreeRTOS compatibility API (utility/rtos_compatibility_layers/FreeR… |
CVE-2025-55080 | High | 7.1 | 2025-10-15 | In Eclipse ThreadX before 6.4.3, when memory protection is enabled, syscall parameters verification wasn't enough, allowing an attacker to obtain an arbitrary… |
CVE-2024-2214 | High | 7.0 | 2024-03-26 | In Eclipse ThreadX before version 6.4.0, the _Mtxinit() function in the Xtensa port was missing an array size check causing a memory overwrite. The affected… |
CVE-2025-55079 | Medium | 5.5 | 2025-10-15 | In Eclipse ThreadX before version 6.4.3, the thread module has a setting of maximum priority. In some cases the check of that maximum priority wasn't performed… |
CVE-2025-55078 | Medium | 5.5 | 2025-10-14 | In Eclipse ThreadX before version 6.4.3, an attacker can cause a denial of service (crash) by providing a pointer to a reserved or unmapped memory region. Vuln… |