CVE-2024-2214

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Mar 26, 2024
Updated: Jun 10, 2024
CWE ID 269

Summary

CVE-2024-2214 is a vulnerability affecting Eclipse ThreadX versions prior to 6.4.0. The issue lies within the _Mtxinit() function in the Xtensa port, which lacks a critical array size check. Consequentially, a memory overwrite occurs, potentially leading to exploitation. The affected file is identified as ports/xtensa/xcc/src/tx_clib_lock.c.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share