PT-2024-20919 · Rt-Thread · Rt-Thread
Marco Ivaldi · Published 2024-03-05 · Updated 2024-11-20 · CVE-2024-25394
CVSS v3.1: 4.3 (Medium)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Name of the Vulnerable Software and Affected Versions
RT-Thread versions through 5.0.2
Description
A buffer overflow occurs in utilities/ymodem/ry_sy.c because of an incorrect sprintf call or a missing '\0' character.
Recommendations
For versions through 5.0.2, update to a version that fixes the buffer overflow issue in utilities/ymodem/ry_sy.c.
As a temporary workaround, consider restricting access to the vulnerable ry_sy.c file until a patch is available.
Fix
Buffer Overflow
Affected Products
Rt-Thread