Description

A vulnerability, which was classified as critical, was found in RT-Thread up to 5.1.0. This affects the function sys_device_open/sys_device_read/sys_device_control/sys_device_init/sys_device_close/sys_device_write of the file components/drivers/core/device.c. The manipulation leads to memory corruption. It is possible to launch the attack on the local host. The vendor was contacted early about this disclosure but did not respond in any way.

Related CPE's

a

rt-thread

rt-thread

Vulnerable

References

https://github.com/RT-Thread/rt-thread/issues/10387

ExploitIssue Tracking

https://vuldb.com/?ctiid.313959

Permissions RequiredVDB Entry

https://vuldb.com/?id.313959

Third Party AdvisoryVDB Entry

https://vuldb.com/?submit.595813

Third Party AdvisoryVDB Entry

https://vuldb.com/?submit.595814

Third Party AdvisoryVDB Entry

https://vuldb.com/?submit.595827

Third Party AdvisoryVDB Entry

https://vuldb.com/?submit.595869

Third Party AdvisoryVDB Entry

https://vuldb.com/?submit.595870

Third Party AdvisoryVDB Entry

https://vuldb.com/?submit.595871

Third Party AdvisoryVDB Entry

Weaknesses

[email protected]

Secondary
CWE-119

CVSS impact metrics

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.8 · High

  • CVSS V3.1

  • CVSS V3.0

  • CVSS V2.0

Information

Source identifier

[email protected]

Vulnerability status

Analyzed

Published

2025-06-26T13:15:29.593

5 months ago

Last modified

2025-07-11T14:27:37.840

5 months ago