CVE

CVE-2024-2452

Date: (C)2024-03-27   (M)2024-03-27

In Eclipse ThreadX NetX Duo before 6.4.0, if an attacker can control parameters of __portable_aligned_alloc() could cause an integer wrap-around and an allocation smaller than expected. This could cause subsequent heap buffer overflows.

Reference:

https://github.com/eclipse-threadx/netxduo/security/advisories/GHSA-h963-7vhw-8rpx