CVE-2025-5866

HIGH

RT-Thread 5.1.0 - Buffer Overflow

Title source: llm

Description

A vulnerability classified as critical has been found in RT-Thread 5.1.0. This affects the function sys_sigprocmask of the file rt-thread/components/lwp/lwp_syscall.c. The manipulation of the argument how leads to improper validation of array index.

References (4)

[Third Party Advisory, VDB Entry] https://vuldb.com/?id.311625

[Permissions Required, VDB Entry] https://vuldb.com/?ctiid.311625

[Third Party Advisory, VDB Entry] https://vuldb.com/?submit.584127

[Exploit, Issue Tracking, Third Party Advisory] https://github.com/RT-Thread/rt-thread/issues/10300

Scores

CVSS v3 8.0

EPSS 0.0117

EPSS Percentile 78.8%

Attack Vector ADJACENT_NETWORK

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact total

Details

CWE

CWE-119 CWE-129

Status published

Products (1)

rt-thread/rt-thread 5.1.0

Published Jun 09, 2025

Tracked Since Feb 18, 2026