Skip to main content

CVE-2026-40337

MEDIUM
Unverified Ownership (CWE-283)
2026-04-18 security-advisories@github.com
5.1
CVSS 3.1 · GitHub Advisory
Share

Severity by source

GitHub Advisory PRIMARY
5.1 MEDIUM
AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:H

Primary rating from GitHub Advisory · only source for this CVE.

CVSS VectorGitHub Advisory

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
None
Availability
High

Lifecycle Timeline

3
Analysis Generated
Apr 18, 2026 - 00:39 vuln.today
Analysis Generated
Apr 18, 2026 - 00:22 vuln.today
CVE Published
Apr 18, 2026 - 00:16 nvd
MEDIUM 5.1

DescriptionGitHub Advisory

The Sentry kernel is a high security level micro-kernel implementation made for high security embedded systems. A given task with one of the DEV or IO capability is able to interact with another task's IRQ line through the __sys_int_* syscall familly. Prior to version 0.4.7, this can lead to DoS and covert-channels between this task and the outer world. A patch is available in version 0.4.7. As a workaround, reduce tasks that have the DEV and IO capability to a single one.

AnalysisAI

Sentry kernel prior to version 0.4.7 allows tasks with DEV or IO capabilities to manipulate another task's IRQ line via the __sys_int_* syscall family, enabling denial of service and covert information channels between privileged tasks and external systems. The vulnerability affects embedded systems using Sentry micro-kernel versions before 0.4.7, and no public exploit code has been identified at time of analysis, though the fix is vendor-released and publicly available.

Technical ContextAI

Sentry is a high-security micro-kernel designed for embedded systems that enforces capability-based access control through privilege levels and capability grants (DEV, IO, and others). The vulnerability exists in the __sys_int_* syscall family, which handles interrupt and IRQ management. Tasks granted DEV (device access) or IO (input/output) capabilities can invoke these syscalls to manipulate IRQ lines belonging to other tasks, violating the kernel's capability-based isolation model. The root cause is classified as CWE-283 (Improper Handling of Permissions), indicating insufficient validation of capability boundaries during cross-task IRQ operations. The vulnerability is particularly critical in embedded systems where capability-based security is the primary isolation mechanism, as successful exploitation can create covert channels and degrade system availability through IRQ flooding or manipulation.

Affected ProductsAI

Sentry kernel versions prior to 0.4.7 are affected. The vulnerability impacts all deployments of Sentry micro-kernel in embedded systems using the __sys_int_* syscall interface and granting DEV or IO capabilities to multiple tasks. Exact version ranges and CPE strings are not provided in available data, but the fix is confirmed in version 0.4.7. GitHub repository: https://github.com/camelot-os/sentry-kernel with security advisory available at https://github.com/camelot-os/sentry-kernel/security/advisories/GHSA-5hgv-rg2f-79pg.

RemediationAI

Vendor-released patch: Sentry kernel version 0.4.7 or later. Update to this version immediately to fix the __sys_int_* syscall validation. For systems unable to immediately patch, implement the vendor-recommended workaround by consolidating all tasks with DEV and IO capabilities into a single trusted task, then audit all remaining tasks to verify they no longer hold these capabilities. This workaround reduces system modularity and may impact device management architecture, so plan for refactoring after patching. No alternative mitigations are documented; the patch is the definitive fix. Refer to the security advisory at https://github.com/camelot-os/sentry-kernel/security/advisories/GHSA-5hgv-rg2f-79pg and commit 150b7edd2c5b0da0a8baeed3135ddde613b08081 for implementation details.

Share

CVE-2026-40337 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy