CVEs-PoC/2020/CVE-2020-10024.md at b0e96c877abb080d7cf221c036336480ff266ccf

CalvinBackup/CVEs-PoC

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2026-05-10 11:57:37 +02:00

Files

T

0xMarcio 48a00929ac Removed duplicates

2024-06-18 02:51:15 +02:00

Description

The arm platform-specific code uses a signed integer comparison when validating system call numbers. An attacker who has obtained code execution within a user thread is able to elevate privileges to that of the kernel. See NCC-ZEP-001 This issue affects: zephyrproject-rtos zephyr version 1.14.0 and later versions. version 2.1.0 and later versions.

POC

Reference

https://zephyrprojectsec.atlassian.net/browse/ZEPSEC-30

Github

https://github.com/ARPSyndicate/cvemon
https://github.com/CBackyx/CVE-Reproduction

926 B Raw Blame History

CVE-2020-10024

Description

POC

Reference

Github

926 B

Raw Blame History