Description
A weakness has been identified in RT-Thread up to 5.0.2. This affects the function sys_getaddrinfo of the file components/lwp/lwp_syscall.c. Executing a manipulation of the argument ai_addr can lead to memory corruption. The attack can only be executed locally. The exploit has been made available to the public and could be used for attacks. The pull request to fix this issue awaits acceptance.
Published: 2026-07-03
Score: 6.8 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A memory corruption vulnerability exists in the sys_getaddrinfo function. The flaw allows a malicious local user to corrupt memory, potentially leading to arbitrary code execution or system instability, depending on how the corrupted memory is used. The flaw is classified as CWE‑119, a classic buffer overflow scenario.

Affected Systems

The only affected vendor is RT‑Thread and the firmware versions are 5.0.2 and earlier. All builds that include the sys_getaddrinfo implementation are vulnerable until the pull request that introduces bounds checking for ai_addr is merged or until a newer RT‑Thread release containing the patch is deployed.

Risk and Exploitability

The CVSS score of 6.8 indicates a medium severity level according to the CVSS scale, but this assessment is inferred because the original advisory does not explicitly rate severity. The attack requires local privileges and is not a remote exploitation vector. EPSS score of < 1% indicates a very low probability of exploitation, and the vulnerability is not listed in the CISA KEV catalog, indicating that it is not currently a widely exploited flaw. However, a public exploit has been released, and the flaw remains significant for systems that run unpatched RT‑Thread where local users can execute code.

Generated by OpenCVE AI on July 5, 2026 at 00:33 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade RT‑Thread to the fixed release once the pull request is merged or to any newer 5.x version that includes the patch.
  • Limit local user privileges and isolate vulnerable processes until a patch is available.
  • Monitor the RT‑Thread GitHub repository and security advisories for the resolution of CVE‑2026‑14607 and apply any community backport patches as soon as they become available.

Generated by OpenCVE AI on July 5, 2026 at 00:33 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Fri, 03 Jul 2026 20:00:00 +0000

Type Values Removed Values Added
Description A weakness has been identified in RT-Thread up to 5.0.2. This affects the function sys_getaddrinfo of the file components/lwp/lwp_syscall.c. Executing a manipulation of the argument ai_addr can lead to memory corruption. The attack can only be executed locally. The exploit has been made available to the public and could be used for attacks. The pull request to fix this issue awaits acceptance.
Title RT-Thread lwp_syscall.c sys_getaddrinfo memory corruption
First Time appeared Rt-thread
Rt-thread rt-thread
Weaknesses CWE-119
CPEs cpe:2.3:a:rt-thread:rt-thread:*:*:*:*:*:*:*:*
Vendors & Products Rt-thread
Rt-thread rt-thread
References
Metrics cvssV2_0

{'score': 4.6, 'vector': 'AV:L/AC:L/Au:S/C:N/I:N/A:C/E:POC/RL:ND/RC:UR'}

cvssV3_0

{'score': 5.5, 'vector': 'CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:X/RC:R'}

cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:X/RC:R'}

cvssV4_0

{'score': 6.8, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P'}


Subscriptions

Rt-thread Rt-thread
cve-icon MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-07-03T19:45:17.840Z

Reserved: 2026-07-03T13:51:39.652Z

Link: CVE-2026-14607

cve-icon Vulnrichment

No data.

cve-icon NVD

No data.

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-07-05T00:45:04Z

Weaknesses
  • CWE-119

    Improper Restriction of Operations within the Bounds of a Memory Buffer