CVE-2026-40337
Medium
Low
Medium
High
Critical
5.1
CVSS Score
Vulnerability Description
The Sentry kernel is a high security level micro-kernel implementation made for high security embedded systems. A given task with one of the DEV or IO capability is able to interact with another task's IRQ line through the __sys_int_* syscall familly. Prior to version 0.4.7, this can lead to DoS and covert-channels between this task and the outer world. A patch is available in version 0.4.7. As a workaround, reduce tasks that have the DEV and IO capability to a single one.
CVSS Metrics
Common Vulnerability Scoring System
Vector String:
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:H
Attack Vector
L
Attack Complexity
L
Privileges Required
H
User Interaction
N
Scope
U
Confidentiality
L
Integrity
N
Availability
H
References & Resources
-
https://github.com/camelot-os/sentry-kernel/commit/150b7edd2c5b0da0a8baeed3135ddde613b08081security-advisories@github.com
-
https://github.com/camelot-os/sentry-kernel/pull/108security-advisories@github.com
-
https://github.com/camelot-os/sentry-kernel/security/advisories/GHSA-5hgv-rg2f-79pgsecurity-advisories@github.com
Severity Details
5.1
out of 10.0
Medium
Weakness Type (CWE)
CWE-283
Unverified Ownership
- Description
- The product does not properly verify that a critical resource is owned by the proper entity.
- Typical Severity
- High
- Abstraction Level
- Base
Key Information
- Published Date
- April 18, 2026
