CVE-2025-5866

A vulnerability classified as critical has been found in RT-Thread 5.1.0. This affects the function sys_sigprocmask of the file rt-thread/components/lwp/lwp_syscall.c. The manipulation of the argument how leads to improper validation of array index.
References
Link Resource
https://github.com/RT-Thread/rt-thread/issues/10300 Exploit Issue Tracking Third Party Advisory
https://vuldb.com/?ctiid.311625 Permissions Required VDB Entry
https://vuldb.com/?id.311625 Third Party Advisory VDB Entry
https://vuldb.com/?submit.584127 Third Party Advisory VDB Entry
Configurations

Configuration 1 (hide)

cpe:2.3:o:rt-thread:rt-thread:5.1.0:*:*:*:*:*:*:*

History

11 Jul 2025, 18:19

Type Values Removed Values Added
Summary
  • (es) Se ha detectado una vulnerabilidad crítica en RT-Thread 5.1.0. Esta afecta a la función sys_sigprocmask del archivo rt-thread/components/lwp/lwp_syscall.c. La manipulación del argumento `how` provoca una validación incorrecta del índice de la matriz.
CPE cpe:2.3:o:rt-thread:rt-thread:5.1.0:*:*:*:*:*:*:*
First Time Rt-thread
Rt-thread rt-thread
References () https://github.com/RT-Thread/rt-thread/issues/10300 - () https://github.com/RT-Thread/rt-thread/issues/10300 - Exploit, Issue Tracking, Third Party Advisory
References () https://vuldb.com/?ctiid.311625 - () https://vuldb.com/?ctiid.311625 - Permissions Required, VDB Entry
References () https://vuldb.com/?id.311625 - () https://vuldb.com/?id.311625 - Third Party Advisory, VDB Entry
References () https://vuldb.com/?submit.584127 - () https://vuldb.com/?submit.584127 - Third Party Advisory, VDB Entry

09 Jun 2025, 07:15

Type Values Removed Values Added
New CVE

Information

Published : 2025-06-09 07:15

Updated : 2025-07-11 18:19


NVD link : CVE-2025-5866

Mitre link : CVE-2025-5866

CVE.ORG link : CVE-2025-5866


JSON object : View

Products Affected

rt-thread

  • rt-thread
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CWE-129

Improper Validation of Array Index