CVE-2025-5865
BaseFortify
Publication date: 2025-06-09
Last updated on: 2025-07-11
Assigner: VulDB
Description
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| rt-thread | rt-thread | 5.1.0 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-119 | The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data. |
| CWE-NVD-CWE-Other | |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-5865 is a critical vulnerability in RT-Thread version 5.1.0 affecting the sys_select system call. The issue arises because the timeout parameter passed to this function is only checked for being NULL but not validated to ensure it points to valid memory. This insufficient pointer validation allows a compromised user thread to manipulate the timeout argument, leading to memory corruption in kernel space. This can cause kernel crashes or unauthorized access to kernel memory. [1, 3]
How can this vulnerability impact me?
This vulnerability can lead to severe impacts, including kernel crashes that cause a Denial of Service (DoS), unauthorized access to kernel memory, and potential privilege escalation. It affects the system's confidentiality, integrity, and availability. Exploitation is considered easy and, according to the sources, can be carried out at least partially remotely, without local access, which exposes affected systems to attacks that disrupt service or compromise sensitive data. [1, 2, 3]
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
The vulnerability impacts confidentiality, integrity, and availability of the system, which are core principles in standards like GDPR and HIPAA. Exploitation could lead to unauthorized access or data breaches, potentially causing non-compliance with these regulations. However, no specific compliance impact details are provided in the resources. [2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detecting this vulnerability involves monitoring for abnormal kernel crashes or memory faults related to the sys_select system call in RT-Thread 5.1.0. Because the issue stems from improper handling of the timeout parameter leading to memory corruption, look for kernel logs that indicate faults or crashes triggered by sys_select. The exact commands depend on your system's logging tools, but on systems that provide them you can use commands such as 'dmesg' or 'journalctl' to check kernel logs for related errors. Monitoring for unusual behavior or crashes in processes that use sys_select may also help detect exploitation attempts. However, no specific detection commands or signatures are provided in the resources. [1, 3]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include avoiding the use of the vulnerable RT-Thread 5.1.0 version or applying patches if available. Since the vulnerability stems from improper validation of the timeout parameter in the sys_select call, ensuring that the timeout parameter is properly validated before use in kernel mode is critical. The vendor recommends checking that the timeout parameter can be accessed correctly in kernel mode and used temporarily in kernel memory. As no known countermeasures or patches are currently provided, it is suggested to consider alternative products or versions that do not contain this vulnerability to prevent exploitation. [2]
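The mitigation described above, validating that the user-supplied timeout pointer is readable from kernel mode and working only on a kernel-memory copy of it, shown as an added C example that is not RT-Thread's own code. The user-space window, the access check and the copy-in routine are constructed stand-ins for what a real kernel does with its page tables; the function names are hypothetical.

```c
#include <errno.h>
#include <stdint.h>
#include <string.h>

struct kt_timeval { long tv_sec; long tv_usec; };   /* mirrors struct timeval */

/* Constructed user-space window: the only range the demo treats as readable from
 * kernel mode; user_mem stands in for the user page behind it. */
#define USER_BASE ((uintptr_t)0x10000000u)
static unsigned char user_mem[64];
#define USER_LIMIT (USER_BASE + sizeof(user_mem))

/* Hypothetical access check: non-empty, no address wrap-around, entirely inside
 * the readable user window. A real kernel consults its page tables here. */
static int user_range_readable(uintptr_t addr, size_t len)
{
    uintptr_t end;
    if (len == 0 || __builtin_add_overflow(addr, len, &end))
        return 0;
    return addr >= USER_BASE && end <= USER_LIMIT;
}

/* Hypothetical copy-in: 0 on success, -EFAULT if any byte is not readable. */
static int copy_from_user(void *dst, uintptr_t src, size_t len)
{
    if (!user_range_readable(src, len))
        return -EFAULT;
    memcpy(dst, user_mem + (src - USER_BASE), len);
    return 0;
}

/* Hardened handling of the timeout argument: the raw user pointer is never
 * dereferenced; its bytes are copied into the kernel-owned 'ktimeout' and only
 * that copy is validated and used. Returns 1 when a timeout was supplied,
 * 0 for NULL (block indefinitely), -EFAULT or -EINVAL on bad input. */
int select_copy_timeout(uintptr_t utimeout, struct kt_timeval *ktimeout)
{
    if (utimeout == 0)
        return 0;                       /* NULL is legal: no timeout */
    if (copy_from_user(ktimeout, utimeout, sizeof(*ktimeout)) != 0)
        return -EFAULT;                 /* unreadable user address */
    if (ktimeout->tv_sec < 0 || ktimeout->tv_usec < 0 || ktimeout->tv_usec >= 1000000)
        return -EINVAL;                 /* validate the copy, not user memory */
    return 1;
}

/* Demo helper: plants a timeval at 'off' in the user window, returns its address. */
uintptr_t user_put_timeval(size_t off, long sec, long usec)
{
    struct kt_timeval tv = { sec, usec };
    memcpy(user_mem + off, &tv, sizeof tv);
    return USER_BASE + off;
}
```

A NULL-only check would accept the out-of-window and wrapping addresses below and dereference them in kernel mode; the copy-in path rejects them with -EFAULT before any kernel memory is touched.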