CVE-2026-40317

NovumOS (a custom 32-bit OS written in Zig/x86 Assembly) prior to version 0.24 is affected by a local privilege-escalation in the Syscall 12 JumpToUser interface. The vulnerability arises because JumpToUser accepts an arbitrary entry-point address from user-space without validation, enabling any ...

CVE-2026-40317 NovumOS has Privilege Escalation in the Syscall Interface

NovumOS is a custom 32-bit operating system written in Zig and x86 Assembly. In versions prior to 0.24, Syscall 12 JumpToUser accepts an arbitrary entry point address from user-space registers without validation, allowing any Ring 3 user-mode process to jump to kernel addresses and execute...

NovumOS 安全漏洞

NovumOS is an 32-bit protected mode operating system developed by MinecAnton209. Versions of NovumOS prior to 0.24 contained security vulnerabilities; these vulnerabilities stemmed from Syscall 12 not verifying the entry address provided by the user space, which could lead to local privilege...

PT-2026-33547

Name of the Vulnerable Software and Affected Versions NovumOS versions prior to 0.24 Description Syscall 12 'JumpToUser' accepts an arbitrary entry point address from user-space registers without validation. This allows a Ring 3 user-mode process to jump to kernel addresses and execute arbitrary...