Primary

Context

Eclipse USBX Out-of-Bounds Read Vulnerability in Audio Descriptor Parsing

Vulnerability

A potential out-of-bounds read vulnerability has been identified in the USBX USB support module for Eclipse Foundation ThreadX, prior to version 6.4.3. The issue arises in the function '_ux_host_class_audio_alternate_setting_locate()' while parsing audio configuration descriptors. When the 'bSamFreqType' field indicates a range or list of frequencies, the function improperly reads additional bytes without verifying if enough data is available. This flaw could be exploited by a malicious USB device to craft a short descriptor that causes the host to read past its buffer, potentially leading to crashes or information leakage.

Impact

Exploitation of this vulnerability could cause crashes or unauthorized information disclosure.

Remediation

Users can upgrade to USBX version 6.4.3 or later to address this vulnerability.

Added: Oct 17, 2025, 6:17 AM

Updated: Oct 17, 2025, 6:17 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

1.3

exploitability

4.6

remediation

7.7

relevance

0.8

threat

6.4

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

1.3

exploitability

4.6

remediation

7.7

relevance

0.8

threat

6.4

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Eclipse USBX Out-of-Bounds Read Vulnerability in Audio Descriptor Parsing

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating