CVE-2026-40337

Published: Apr 17, 2026

Modified: Apr 20, 2026

PUBLISHED

CVSS v3.1

5.1

MEDIUM

Description

The Sentry kernel is a high security level micro-kernel implementation made for high security embedded systems. A given task with one of the DEV or IO capability is able to interact with another task's IRQ line through the __sys_int_* syscall familly. Prior to version 0.4.7, this can lead to DoS and covert-channels between this task and the outer world. A patch is available in version 0.4.7. As a workaround, reduce tasks that have the DEV and IO capability to a single one.

Vendor	Product	Versions
camelot-os	sentry-kernel	affected `< 0.4.7`

Weaknesses (CWE)

CWE-283

CVSS v3.1 Details

CVSS v3.1 Vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:H

Attack Vector

Local

Attack Complexity

Low

Privileges Required

High

User Interaction

None

Scope

Unchanged

Confidentiality

Low

Integrity

None

Availability

High

References

https://github.com/camelot-os/sentry-kernel/security/advisories/GHSA-5hgv-rg2f-79pg

x_refsource_CONFIRM

https://github.com/camelot-os/sentry-kernel/pull/108

x_refsource_MISC

https://github.com/camelot-os/sentry-kernel/commit/150b7edd2c5b0da0a8baeed3135ddde613b08081

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2026-40337

Description

Affected Products

Weaknesses (CWE)

CVSS v3.1 Details

References