CVE-2025-55079— Missing check for thread priority
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2025-55079
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Missing check for thread priority
Source: NVD (National Vulnerability Database)
Vulnerability Description
In Eclipse ThreadX before version 6.4.3, the thread module has a setting of maximum priority. In some cases the check of that maximum priority wasn't performed, allowing, as a result, to obtain a thread with higher priority than expected and causing a possible denial of service.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
不加限制或调节的资源分配
Source: NVD (National Vulnerability Database)
Vulnerability Title
Eclipse ThreadX RTOS 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Eclipse ThreadX RTOS是Eclipse ThreadX公司的专为深度嵌入式应用程序设计的高级实时操作系统 (RTOS)。 Eclipse ThreadX RTOS 6.4.3之前版本存在安全漏洞,该漏洞源于未正确检查线程模块的最大优先级设置,可能导致拒绝服务。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Eclipse Foundation | ThreadX | 0 ~ 6.4.3 | - |
II. Public POCs for CVE-2025-55079
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2025-55079
请登录查看更多情报信息。
Same Patch Batch · Eclipse Foundation · 2025-10-15 · 5 CVEs total
| CVE-2025-55080 | Improper Parameter Check in ThreadX Syscall Implementation | |
| CVE-2025-55081 | Potential out of bound read in _nx_secure_tls_process_clienthello() | |
| CVE-2025-55082 | Potential out of bound read and info leak in_nx_secure_tls_psk_identity_find() | |
| CVE-2025-55083 | Broken bounds check in Broken bounds check in _nx_secure_tls_process_clienthello_psk_exten |
IV. Related Vulnerabilities
Same product: ThreadX
- CVE-2025-55080
Improper Parameter Check in ThreadX Syscall Implementation - CVE-2025-55078
Incomplete validation of kernel object pointers in system ca - CVE-2025-2259
Eclipse ThreadX NetX Duo component HTTP server single PUT re - CVE-2025-2260
Eclipse ThreadX NetX Duo HTTP component server denial of ser - CVE-2025-2258
Eclipse ThreadX NetX Duo HTTP server single PUT request inte
Same weakness: CWE-770
- CVE-2026-42294
Argo Workflows: Unauthenticated Memory Exhaustion (DoS) in W - CVE-2026-42189
Russh: Pre-auth DoS via unbounded allocation in keyboard-int - CVE-2026-42793
Atom table exhaustion via attacker-controlled GraphQL SDL na - CVE-2026-44499
ZEBRA: Permanent Block Discovery Halt via Gossip Queue Satur - CVE-2026-44500
ZEBRA: Allocation Amplification in Inbound Network Deseriali
V. Comments for CVE-2025-55079
No comments yet