5 matches found
EUVD-2020-2492
Malware in sbrugna...
Design/Logic Flaw
The arm platform-specific code uses a signed integer comparison when validating system call numbers. An attacker who has obtained code execution within a user thread is able to elevate privileges to that of the kernel. See NCC-ZEP-001 This issue affects: zephyrproject-rtos zephyr version 1.14.0 a...
CVE-2020-10027 ARC Platform Uses Signed Integer Comparison When Validating Syscall Numbers
An attacker who has obtained code execution within a user thread is able to elevate privileges to that of the kernel. See NCC-ZEP-001 This issue affects: zephyrproject-rtos zephyr version 1.14.0 and later versions. version 2.1.0 and later versions...
CVE-2020-10024 ARM Platform Uses Signed Integer Comparison When Validating Syscall Numbers
The arm platform-specific code uses a signed integer comparison when validating system call numbers. An attacker who has obtained code execution within a user thread is able to elevate privileges to that of the kernel. See NCC-ZEP-001 This issue affects: zephyrproject-rtos zephyr version 1.14.0 a...
CVE-2020-10024
This CVE concerns Zephyr RTOS: the ARM platform-specific code uses a signed integer comparison when validating syscall numbers. The root cause enables privilege escalation from a user thread to kernel level if code execution is obtained in user space. Affected versions are Zephyr project-rtos Zep...