Toaruos · Toaruos · CVE-2019-13049
**Name of the Vulnerable Software and Affected Versions**
ToaruOS version 1.10.10
**Description**
The issue is related to an integer wrap in the kernel/sys/syscall.c file, which allows users to map arbitrary kernel pages into userland process space via the `TOARU SYS FUNC MMAP` function, leading to escalation of privileges.
**Recommendations**
For ToaruOS version 1.10.10, consider restricting access to the `TOARU SYS FUNC MMAP` function until a patch is available to prevent potential exploitation.