{"id":"CVE-2024-2214","details":"In Eclipse ThreadX before version 6.4.0, the _Mtxinit() function in the \nXtensa port was missing an array size check causing a memory overwrite. \nThe affected file was ports/xtensa/xcc/src/tx_clib_lock.c","modified":"2026-04-12T08:03:52.368494Z","published":"2024-03-26T16:15:13.430Z","related":["GHSA-vmp6-qhp9-r66x"],"references":[{"type":"FIX","url":"https://github.com/eclipse-threadx/threadx/security/advisories/GHSA-vmp6-qhp9-r66x"},{"type":"ARTICLE","url":"http://www.openwall.com/lists/oss-security/2024/05/28/1"},{"type":"ARTICLE","url":"http://seclists.org/fulldisclosure/2024/May/35"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/eclipse-threadx/threadx","events":[{"introduced":"0"},{"fixed":"39f3c86c61ec478720bac9fca8f17ccedb8f052b"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"6.4.0"}]}}],"versions":["v6.0.1_rel","v6.0.2_rel","v6.0_rel","v6.1.10_rel","v6.1.11_rel","v6.1.12_rel","v6.1.1_rel","v6.1.2_rel","v6.1.3_rel","v6.1.5_rel","v6.1.6_rel","v6.1.7_rel","v6.1.8_rel","v6.1.9_rel","v6.1_rel","v6.2.0_rel","v6.2.1_rel","v6.3.0_rel"],"database_specific":{"vanir_signatures_modified":"2026-04-12T08:03:52Z","vanir_signatures":[{"deprecated":false,"target":{"function":"_Mtxinit","file":"ports/xtensa/xcc/src/tx_clib_lock.c"},"signature_type":"Function","id":"CVE-2024-2214-1936b16f","signature_version":"v1","source":"https://github.com/eclipse-threadx/threadx/commit/39f3c86c61ec478720bac9fca8f17ccedb8f052b","digest":{"length":272,"function_hash":"21440705155404283821141681700921315961"}},{"deprecated":false,"target":{"file":"ports/xtensa/xcc/src/tx_clib_lock.c"},"signature_type":"Line","id":"CVE-2024-2214-fa92f5c0","signature_version":"v1","source":"https://github.com/eclipse-threadx/threadx/commit/39f3c86c61ec478720bac9fca8f17ccedb8f052b","digest":{"threshold":0.9,"line_hashes":["321615530020277052163727575189001966430","76076730028992049536459261922763312508","161729058754765427883402847621987807659","248756517319654798557447821379620083935"]}}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-2214.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}]}