CVE-2026-40337
MEDIUMSeverity by source
AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:H
Primary rating from GitHub Advisory · only source for this CVE.
CVSS VectorGitHub Advisory
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:H
Lifecycle Timeline
3DescriptionGitHub Advisory
The Sentry kernel is a high security level micro-kernel implementation made for high security embedded systems. A given task with one of the DEV or IO capability is able to interact with another task's IRQ line through the __sys_int_* syscall familly. Prior to version 0.4.7, this can lead to DoS and covert-channels between this task and the outer world. A patch is available in version 0.4.7. As a workaround, reduce tasks that have the DEV and IO capability to a single one.
AnalysisAI
Sentry kernel prior to version 0.4.7 allows tasks with DEV or IO capabilities to manipulate another task's IRQ line via the __sys_int_* syscall family, enabling denial of service and covert information channels between privileged tasks and external systems. The vulnerability affects embedded systems using Sentry micro-kernel versions before 0.4.7, and no public exploit code has been identified at time of analysis, though the fix is vendor-released and publicly available.
Technical ContextAI
Sentry is a high-security micro-kernel designed for embedded systems that enforces capability-based access control through privilege levels and capability grants (DEV, IO, and others). The vulnerability exists in the __sys_int_* syscall family, which handles interrupt and IRQ management. Tasks granted DEV (device access) or IO (input/output) capabilities can invoke these syscalls to manipulate IRQ lines belonging to other tasks, violating the kernel's capability-based isolation model. The root cause is classified as CWE-283 (Improper Handling of Permissions), indicating insufficient validation of capability boundaries during cross-task IRQ operations. The vulnerability is particularly critical in embedded systems where capability-based security is the primary isolation mechanism, as successful exploitation can create covert channels and degrade system availability through IRQ flooding or manipulation.
Affected ProductsAI
Sentry kernel versions prior to 0.4.7 are affected. The vulnerability impacts all deployments of Sentry micro-kernel in embedded systems using the __sys_int_* syscall interface and granting DEV or IO capabilities to multiple tasks. Exact version ranges and CPE strings are not provided in available data, but the fix is confirmed in version 0.4.7. GitHub repository: https://github.com/camelot-os/sentry-kernel with security advisory available at https://github.com/camelot-os/sentry-kernel/security/advisories/GHSA-5hgv-rg2f-79pg.
RemediationAI
Vendor-released patch: Sentry kernel version 0.4.7 or later. Update to this version immediately to fix the __sys_int_* syscall validation. For systems unable to immediately patch, implement the vendor-recommended workaround by consolidating all tasks with DEV and IO capabilities into a single trusted task, then audit all remaining tasks to verify they no longer hold these capabilities. This workaround reduces system modularity and may impact device management architecture, so plan for refactoring after patching. No alternative mitigations are documented; the patch is the definitive fix. Refer to the security advisory at https://github.com/camelot-os/sentry-kernel/security/advisories/GHSA-5hgv-rg2f-79pg and commit 150b7edd2c5b0da0a8baeed3135ddde613b08081 for implementation details.
Same weakness CWE-283 – Unverified Ownership
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today