You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@nuttx.apache.org by GitBox <gi...@apache.org> on 2021/04/05 16:55:33 UTC

[GitHub] [incubator-nuttx] v01d opened a new issue #3356: SECURITY ISSUES

v01d opened a new issue #3356:
URL: https://github.com/apache/incubator-nuttx/issues/3356


   ```
     Description: In the current designed, the kernel code calls into the user-space
                  allocators to allocate user-space memory.  It is a security risk to
                  call into user-space in kernel-mode because that could be exploited
                  to gain control of the system.  That could be fixed by dropping to
                  user mode before trapping into the memory allocators; the memory
                  allocators would then need to trap in order to return (this is
                  already done to return from signal handlers; that logic could be
                  renamed more generally and just used for a generic return trap).
   
                  Another place where the system calls into the user code in kernel
                  mode is work_usrstart() to start the user work queue.  That is
                  another security hole that should be plugged.
     Status:      Open
     Priority:    Low (unless security becomes an issue).
   ```


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org