CVE-2025-5868
BaseFortify
Publication date: 2025-06-09
Last updated on: 2025-07-11
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| rt-thread | rt-thread | 5.1.0 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-119 | The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data. |
| CWE-129 | The product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index to ensure the index references a valid position within the array. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-5868 is a critical vulnerability in RT-Thread version 5.1.0, specifically in the sys_thread_sigprocmask system call. The vulnerability occurs because the 'how' parameter, which is passed from user space, is used directly as an index into an array without proper bounds checking. This improper validation allows a compromised user thread to cause out-of-bounds memory access, potentially leading to kernel crashes and unauthorized memory access. [1, 2]
How can this vulnerability impact me? :
This vulnerability can lead to serious impacts including kernel crashes causing denial of service, and potentially privilege escalation by allowing unauthorized access to kernel memory. Exploiting this flaw could destabilize the system and compromise its security. [1, 2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection of CVE-2025-5868 involves monitoring for abnormal kernel crashes or denial of service symptoms related to the sys_thread_sigprocmask system call in RT-Thread 5.1.0. Since the vulnerability arises from improper validation of the 'how' parameter used as an array index, detection could include auditing system logs for kernel panic or crash messages linked to this syscall. Additionally, reviewing source code or binaries for the presence of the vulnerable sys_thread_sigprocmask implementation can help. Specific commands are not provided in the resources, but general approaches include checking kernel logs (e.g., dmesg) for crashes and using debugging tools to trace calls to sys_thread_sigprocmask. [1, 2]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include updating RT-Thread to a version where this vulnerability is fixed or applying patches that add proper validation of the 'how' parameter in the sys_thread_sigprocmask function. If updates or patches are not available, restricting access to the vulnerable system call or limiting user thread privileges to prevent exploitation can reduce risk. Monitoring for unusual kernel behavior and preparing for incident response in case of exploitation attempts is also advised. [1, 2]