exploitDog

GHSA-mj47-q8gf-5hfc

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 7.8

Описание

kernel/sys/syscall.c in ToaruOS through 1.10.9 has incorrect access control in sys_sysfunc case 9 for TOARU_SYS_FUNC_SETHEAP, allowing arbitrary kernel pages to be mapped into user land, leading to root access.

kernel/sys/syscall.c in ToaruOS through 1.10.9 has incorrect access control in sys_sysfunc case 9 for TOARU_SYS_FUNC_SETHEAP, allowing arbitrary kernel pages to be mapped into user land, leading to root access.

Ссылки

EPSS

Процентиль: 12%

0.0004

Низкий

7.8 High

CVSS3

CVE ID

Дефекты

CWE-862

Связанные уязвимости

CVE-2019-13047

CVSS3: 7.8

nvd

больше 6 лет назад

kernel/sys/syscall.c in ToaruOS through 1.10.9 has incorrect access control in sys_sysfunc case 9 for TOARU_SYS_FUNC_SETHEAP, allowing arbitrary kernel pages to be mapped into user land, leading to root access.

EPSS

Процентиль: 12%

0.0004

Низкий

7.8 High

CVSS3

CVE ID

Дефекты

CWE-862