CVE-2026-40337

Name of the Vulnerable Software and Affected Versions Sentry kernel versions prior to 0.4.7

Description In this high security level micro-kernel implementation for embedded systems, a task possessing either the DEV or IO capability can interact with another task's IRQ line via the ' sys int *' syscall family. This behavior can result in a denial of service and the creation of covert-channels between the task and the outer world.

Recommendations Update to version 0.4.7. As a temporary workaround, reduce the number of tasks that have the DEV and IO capability to a single one.