CVE-2025-5865 | RT-Thread 5.1.0 Parameter lwp_syscall.c sys_select timeout memory corruption (Issue 10298)

A vulnerability was found in RT-Thread 5.1.0. It has been rated as critical. Affected by this issue is the function sys_select of the file rt-thread/components/lwp/lwp_syscall.c of the component Parameter Handler. The manipulation of the argument timeout leads to memory corruption.

This vulnerability is handled as CVE-2025-5865. Access to the local network is required for this attack. There is no exploit available.

The vendor explains, that “[t]he timeout parameter should be checked to check if it can be accessed correctly in kernel mode and used temporarily in kernel memory.”VulDB Recent EntriesRead More