{"id":"CVE-2025-55092","summary":"Potential out of bound read in _nx_ipv4_option_process()","details":"In Eclipse Foundation NetX Duo before 6.4.4, the networking support module for Eclipse Foundation ThreadX, there was a potential out of bound read issue in _nx_ipv4_option_process() when processing an IPv4 packet with the timestamp option.","aliases":["GHSA-vwh7-h99r-fvwq"],"modified":"2026-07-15T01:49:03.680375812Z","published":"2025-10-17T05:09:16.494Z","database_specific":{"cna_assigner":"eclipse","cwe_ids":["CWE-125","CWE-126"],"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/55xxx/CVE-2025-55092.json"},"references":[{"type":"WEB","url":"https://github.com/eclipse-threadx/netxduo/"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/55xxx/CVE-2025-55092.json"},{"type":"ADVISORY","url":"https://github.com/eclipse-threadx/netxduo/security/advisories/GHSA-vwh7-h99r-fvwq"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-55092"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/eclipse-threadx/netxduo","events":[{"introduced":"0"},{"fixed":"e306027c2f60db4653e120460da523ec561edd1d"}],"database_specific":{"cpe":"cpe:2.3:a:eclipse:threadx_netx_duo:*:*:*:*:*:*:*:*","extracted_events":[{"introduced":"0"},{"fixed":"6.4.4"},{"fixed":"6.4.4.202503"}],"source":["AFFECTED_FIELD","CPE_RANGE"]}}],"versions":["v.6.4.4.202503_rel","v6.4.3_rel","v6.4.2_rel","v6.4.1_rel","v6.4.0_rel","v6.3.0_rel","v6.2.1_rel","v6.2.0_rel","v6.1.12_rel","v6.1.11_rel","v6.1.10_rel","v6.1.9_rel","v6.1.8_rel","v6.1.7_rel","v6.1.6_rel","v6.1.5_rel","v6.1.4_rel","v6.1.3_rel","v6.1.2_rel","v6.1_rel","v6.0.2_rel","v6.0.1_rel","v6.0_rel"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-55092.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V4","score":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"}]}