Stack overflow via unchecked recursion in USBX Host Storage mount
CVE-2025-55095 Published on January 27, 2026

The function _ux_host_class_storage_media_mount() is responsible for mounting partitions on a USB mass storage device. When it encounters an extended partition entry in the partition table, it recursively calls itself to mount the next logical partition. This recursion occurs in _ux_host_class_storage_partition_read(), which parses up to four partition entries. If an extended partition is found (with type UX_HOST_CLASS_STORAGE_PARTITION_EXTENDED or EXTENDED_LBA_MAPPED), the code invokes: _ux_host_class_storage_media_mount(storage, sector + _ux_utility_long_get(...)); There is no limit on the recursion depth or tracking of visited sectors. As a result, a malicious or malformed disk image can include cyclic or excessively deep chains of extended partitions, causing the function to recurse until stack overflow occurs.

NVD

Vulnerability Analysis

CVE-2025-55095 can be exploited with local system access, requires user interaction and a small amount of user privileges. This vulnerability is consided to have a high level of attack complexity. The potential impact of an exploit of this vulnerability is considered to be low. considered to have a small impact on confidentiality and integrity and availability.

Attack Vector:
LOCAL
Attack Complexity:
HIGH
Privileges Required:
LOW
User Interaction:
REQUIRED
Scope:
UNCHANGED
Confidentiality Impact:
LOW
Integrity Impact:
LOW
Availability Impact:
LOW

Weakness Types

What is a Stack Overflow Vulnerability?

A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).

CVE-2025-55095 has been classified to as a Stack Overflow vulnerability or weakness.

What is a Stack Exhaustion Vulnerability?

The product does not properly control the amount of recursion which takes place, consuming excessive resources, such as allocated memory or the program stack.

CVE-2025-55095 has been classified to as a Stack Exhaustion vulnerability or weakness.


Products Associated with CVE-2025-55095

Want to know whenever a new CVE is published for Eclipse Threadx? stack.watch will email you.

Eclipse Threadx
 

Affected Versions

Eclipse Foundation Eclipse ThreadX - USBX:

Exploit Probability

EPSS
0.01%
Percentile
2.63%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.