CVE-2025-5865 – RT-Thread Parameter Handler Memory Corruption Vulnerability

June 9, 2025

CVE ID : CVE-2025-5865

Published : June 9, 2025, 7:15 a.m. | 2 hours, 23 minutes ago

Description : A vulnerability was found in RT-Thread 5.1.0. It has been rated as critical. Affected by this issue is the function sys_select of the file rt-thread/components/lwp/lwp_syscall.c of the component Parameter Handler. The manipulation of the argument timeout leads to memory corruption. The vendor explains, that “[t]he timeout parameter should be checked to check if it can be accessed correctly in kernel mode and used temporarily in kernel memory.”

Severity: 8.0 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-5893 – Honding Technology Smart Parking Management System Sensitive Information Exposure

Next Article CVE-2025-5866 – RT-Thread Array Index Validation Vulnerability

Highlights

CVE-2025-46573 – OpenSAMLPassport-WSFed Impersonation Vulnerability

May 6, 2025

CVE ID : CVE-2025-46573

Published : May 6, 2025, 9:16 p.m. | 2 hours, 41 minutes ago

Description : passport-wsfed-saml2 provides passport strategy for both WS-fed and SAML2 protocol. A vulnerability present starting in version 3.0.5 up to and including version 4.6.3 allows an attacker to impersonate any user during SAML authentication by tampering with a valid SAML response. This can be done by adding attributes to the response. Users are affected specifically when the service provider is using `passport-wsfed-saml2` and a valid SAML Response signed by the Identity Provider can be obtained. Version 4.6.4 contains a fix for the vulnerability.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

The Value-Driven AI Roadmap

This week in AI updates: Mistral’s new Le Chat features, ChatGPT updates, and more (September 5, 2025)

Designing For TV: Principles, Patterns And Practical Guidance (Part 2)

Neo4j introduces new graph architecture that allows operational and analytics workloads to be run together

‘Job Hugging’ Trend Emerges as Workers Confront AI Uncertainty

Distribution Release: MocaccinoOS 25.09

Composition in CSS

DataCrunch raises €55M to boost EU AI sovereignty with green cloud infrastructure

Finally, safe array methods in JavaScript

Finally, safe array methods in JavaScript

Perficient Interviewed for Forrester Report on AI’s Transformative Role in DXPs

Perficient’s “What If? So What?” Podcast Wins Gold Stevie® Award for Technology Podcast

Distribution Release: MocaccinoOS 25.09

Distribution Release: MocaccinoOS 25.09

Speed Isn’t Everything When Buying SSDs – Here’s What Really Matters!

14 Themes for Beautifying Your Ghostty Terminal

CVE-2025-5865 – RT-Thread Parameter Handler Memory Corruption Vulnerability

Qantas Airways Slashes CEO Bonus After Cyberattack Exposes 5.7 Million Customers

UAE Cyber Security Council Flags 70% Smart Home Devices as Vulnerable

Manipulate Image URLs in Laravel with the Image Transform Package

Top 7 Mistakes Enterprises Make When Outsourcing React.js Development

M-Trends 2025: Data, Insights, and Recommendations From the Frontlines

Boosting Up Your Creativity Without Endless Reference Scrolling

CVE-2025-46573 – OpenSAMLPassport-WSFed Impersonation Vulnerability

The Intersection of Agile and Accessibility – How Agile Can Drive Systemic Inclusion

CVE-2025-38224 – Kvaser PCIEFD Linux Kernel Slab Out-of-Bounds Write

CVE-2025-9396 – lrzip Null Pointer Dereference Vulnerability

CVE-2025-5865 – RT-Thread Parameter Handler Memory Corruption Vulnerability

Related Posts