PT-2018-9512 · Tock · Tock

Published

2018-09-06

Updated

2019-10-03

CVE-2018-1000660

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions TOCK versions prior to commit 42f7f36e74088036068d62253e1d8fb26605feed

Description The issue is related to Insecure Permissions in the get package name function, located in the file kernel/src/tbfheader.rs. Specifically, the variable pub package name: &'static str in the file process.rs is involved. This can allow a TOCK capsule (untrusted driver) to access arbitrary memory using only safe code.

Recommendations For versions prior to commit 42f7f36e74088036068d62253e1d8fb26605feed, update to a version that includes the fix from commit 42f7f36e74088036068d62253e1d8fb26605feed to resolve the issue. As a temporary workaround, consider restricting access to the get package name function in the kernel/src/tbfheader.rs file until the update is applied.

Fix

Incorrect Permission

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-732

Related Identifiers

CVE-2018-1000660

Affected Products

Tock

PT-2018-9512 · Tock · Tock

CVE-2018-1000660

Weakness Enumeration

Related Identifiers

Affected Products

References · 3