Vulnerabilities

CVE-2025-55099

by Fred · 17/10/2025

In USBX before 6.4.3, the USB support module for Eclipse Foundation ThreadX, there was a potential out of bound read issue in _ux_host_class_audio_alternate_setting_locate() when parsing a descriptor with attacker-controlled frequency fields.

More information : https://github.com/eclipse-threadx/usbx/security/advisories/GHSA-93mv-fcpr-9488

Similar

Tags: Cybersecurity Alert