PT-2019-13096 · Toaruos · Toaruos
Kay Integer Wrap Lange
·
Published
2019-06-29
·
Updated
2022-09-29
·
CVE-2019-13049
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
ToaruOS version 1.10.10
Description
The issue is related to an integer wrap in the kernel/sys/syscall.c file, which allows users to map arbitrary kernel pages into userland process space via the
TOARU SYS FUNC MMAP function, leading to escalation of privileges.Recommendations
For ToaruOS version 1.10.10, consider restricting access to the
TOARU SYS FUNC MMAP function until a patch is available to prevent potential exploitation.Exploit
Fix
Integer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Toaruos