ARC Platform Uses Signed Integer Comparison When Validating Syscall Numbers

Description

An attacker who has obtained code execution within a user thread is able to elevate privileges to that of the kernel.

See NCC-ZEP-001

Environment

None

Activity

Show:
David Brown
March 6, 2020, 4:12 PM

Code owners notified.

Ruud Derwig
March 7, 2020, 1:04 PM

PR with recommended fix has been submitted: https://github.com/zephyrproject-rtos/zephyr/pull/23328

Ruud Derwig
March 9, 2020, 8:17 AM

Fix has been merged for 2.2 release.

Assignee

Ruud Derwig

Reporter

David Brown

Labels

None

Authorized viewers

Jeremy Boone

CVE

CVE-2020-10027

Embargo Lift

2020/05/01

Fix versions

Affects versions

Priority

Medium
Configure