| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAM+3YVrDT7mYEVbxzpzwqm=dA-dtBr5Ob3b5ge4NGYfobXVCYg@mail.gmail.com>
Date: Tue, 5 Mar 2024 11:40:42 +0100
From: Marco Ivaldi <raptor@...eadbeef.info>
To: fulldisclosure@...lists.org, oss-security@...ts.openwall.com,
submissions@...ketstormsecurity.com
Subject: [FD] HNS-2024-05 - HN Security Advisory - Multiple vulnerabilities
in RT-Thread RTOS
Hi,
Please find attached a security advisory that describes multiple
vulnerabilities we discovered in RT-Thread RTOS.
* Title: Multiple vulnerabilities in RT-Thread RTOS
* OS: RT-Thread <= 5.0.2
* Author: Marco Ivaldi <marco.ivaldi@...ecurity.it>
* Date: 2024-03-05
* CVE IDs and advisory URLs:
* CVE-2024-24334 - https://github.com/RT-Thread/rt-thread/issues/8282
* CVE-2024-24335 - https://github.com/RT-Thread/rt-thread/issues/8271
* CVE-2024-25388 - https://github.com/RT-Thread/rt-thread/issues/8285
* CVE-2024-25389 - https://github.com/RT-Thread/rt-thread/issues/8283
* CVE-2024-25390 - https://github.com/RT-Thread/rt-thread/issues/8286
* CVE-2024-25391 - https://github.com/RT-Thread/rt-thread/issues/8287
* CVE-2024-25392 - https://github.com/RT-Thread/rt-thread/issues/8290
* CVE-2024-25393 - https://github.com/RT-Thread/rt-thread/issues/8288
* CVE-2024-25394 - https://github.com/RT-Thread/rt-thread/issues/8291
* CVE-2024-25395 - https://github.com/RT-Thread/rt-thread/issues/8289
* https://github.com/RT-Thread/rt-thread/issues/8292
* Vendor URL: https://www.rt-thread.io/
The advisory is also available at:
https://github.com/hnsecurity/vulns/blob/main/HNS-2024-05-rt-thread.txt
For additional information, please refer to our vulnerability writeup:
https://security.humanativaspa.it/multiple-vulnerabilities-in-rt-thread-rtos
Regards,
--
Marco Ivaldi
https://0xdeadbeef.info/
"When cryptography is outlawed, bayl bhgynjf jvyy unir cevinpl."
View attachment "HNS-2024-05-rt-thread.txt" of type "text/plain" (36067 bytes)
_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: https://seclists.org/fulldisclosure/
Powered by blists - more mailing lists