PT-2023-8934 · Unknown · Freertos Kernel

David Reiss +10

Published: 2023-11-29 · Updated: 2024-10-01

CVE-2024-28115

CVSS v3.1: 8.8 (High)
Vector: AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: FreeRTOS Kernel versions through 10.6.1
Description: The issue is insufficient protection against local privilege escalation via Return Oriented Programming techniques, should a separate vulnerability exist that allows code injection and execution. This affects ARMv7-M MPU ports and ARMv8-M ports with Memory Protection Unit (MPU) support enabled, i.e., configENABLE_MPU set to 1.
Recommendations: For FreeRTOS Kernel versions through 10.6.1, update to version 10.6.2, which includes a new MPU wrapper that fixes the issue. As a temporary workaround, consider setting configENABLE_MPU to 0 to minimize the risk of exploitation. Restrict access to the affected ARMv7-M MPU ports and ARMv8-M ports with Memory Protection Unit (MPU) support enabled to reduce the attack surface.
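The affected condition above is two facts about a firmware tree: the kernel version read from task.h and the value of configENABLE_MPU in the application's FreeRTOSConfig.h. The following inventory check, added here as an example and not part of this advisory or of the FreeRTOS project, reads both and reports whether a build falls under this advisory; the two header snippets are constructed samples, and the check does not identify which port directory is compiled.

```python
import re

# Constructed samples of the two files the check reads; values are hypothetical.
SAMPLE_TASK_H = """
#define tskKERNEL_VERSION_NUMBER "V10.6.1"
#define tskKERNEL_VERSION_MAJOR  10
#define tskKERNEL_VERSION_MINOR  6
#define tskKERNEL_VERSION_BUILD  1
"""
SAMPLE_CONFIG_H = """
/* Application FreeRTOSConfig.h (constructed sample) */
#define configENABLE_MPU  ( 1 )
#define configENABLE_FPU  1
"""

LAST_AFFECTED = (10, 6, 1)   # advisory: "versions through 10.6.1"
_DEFINE = re.compile(r'^\s*#\s*define\s+(\w+)\s+(.*?)\s*$', re.M)

def parse_defines(text):
    """Map '#define NAME VALUE' lines to {NAME: VALUE}, ignoring comments and parentheses."""
    text = re.sub(r'/\*.*?\*/', '', text, flags=re.S)   # drop block comments
    text = re.sub(r'//.*', '', text)                     # drop line comments
    return {n: re.sub(r'[()\s]', '', v) for n, v in _DEFINE.findall(text)}

def kernel_version(task_h):
    """(major, minor, build) from task.h, or None if the version defines are absent."""
    d = parse_defines(task_h)
    keys = ('tskKERNEL_VERSION_MAJOR', 'tskKERNEL_VERSION_MINOR', 'tskKERNEL_VERSION_BUILD')
    try:
        return tuple(int(d[k]) for k in keys)
    except (KeyError, ValueError):
        return None

def mpu_enabled(config_h):
    """FreeRTOS.h defaults configENABLE_MPU to 0 when the application leaves it undefined."""
    return parse_defines(config_h).get('configENABLE_MPU', '0') == '1'

def affected_by_cve_2024_28115(task_h, config_h):
    """Return (affected, reason); affected is None when the version cannot be read."""
    version = kernel_version(task_h)
    if version is None:
        return None, 'kernel version not found in task.h'
    label = '%d.%d.%d' % version
    if version > LAST_AFFECTED:
        return False, 'kernel %s is newer than 10.6.1' % label
    if not mpu_enabled(config_h):
        return False, 'kernel %s but configENABLE_MPU is not 1' % label
    return True, 'kernel %s with configENABLE_MPU set to 1: update to 10.6.2' % label

if __name__ == '__main__':
    print(affected_by_cve_2024_28115(SAMPLE_TASK_H, SAMPLE_CONFIG_H))
```

On a real tree, pass the contents of FreeRTOS-Kernel/include/task.h and the application's FreeRTOSConfig.h; a None result means the version defines were not where the check expected them.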

Weakness Enumeration: Improper Access Control

Related Identifiers

BDU:2024-02730
CVE-2024-28115
GHSA-XCV7-V92W-GQ6R

Affected Products

Freertos Kernel