Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Question regarding vulnerability CVE-2023-48693 #406

Open
bastreynard opened this issue Sep 3, 2024 · 1 comment
Open

Question regarding vulnerability CVE-2023-48693 #406

bastreynard opened this issue Sep 3, 2024 · 1 comment
Labels
bug Something isn't working hardware New hardware or architecture support request

Comments

@bastreynard
Copy link

Hello,
We are running ThreadX version 6.2.1 on products where a version bump is not possible (will bump for future products).

Would it be possible to know which commit/PR is responsible for fixing the remote code execution vulnerability, in order to be able to assess if we can patch it on earlier products on our end ?

Thank you for your support and have a great day,
Bastien
@bastreynard bastreynard added bug Something isn't working hardware New hardware or architecture support request labels Sep 3, 2024
@amgross
Copy link

amgross commented Sep 3, 2024

I guess it is about #307 (which BTW effects just threadx modules, in none module there is no privilege mechanism anyway)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working hardware New hardware or architecture support request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@bastreynard @amgross