FreeRTOS-Kernel

mirror of https://github.com/FreeRTOS/FreeRTOS-Kernel.git synced 2025-04-25 07:52:12 -04:00

History

Gaurav Aggarwal 79704b8213 Remove local stack variable form MPU wrappers It was possible for a third party that had already independently gained the ability to execute injected code to achieve further privilege escalation by branching directly inside a FreeRTOS MPU API wrapper function with a manually crafted stack frame. This commit removes the local stack variable `xRunningPrivileged` so that a manually crafted stack frame cannot be used for privilege escalation by branching directly inside a FreeRTOS MPU API wrapper. We thank Certibit Consulting, LLC, Huazhong University of Science and Technology and the SecLab team at Northeastern University for reporting this issue. Signed-off-by: Gaurav Aggarwal <aggarg@amazon.com>	2022-09-17 00:03:08 +05:30
..
port.c	Remove local stack variable form MPU wrappers	2022-09-17 00:03:08 +05:30
portmacro.h	Use highest numbered MPU regions for kernel	2022-09-17 00:03:08 +05:30

Gaurav Aggarwal 79704b8213 Remove local stack variable form MPU wrappers

It was possible for a third party that had already independently gained
the ability to execute injected code to achieve further privilege
escalation by branching directly inside a FreeRTOS MPU API wrapper
function with a manually crafted stack frame. This commit removes the
local stack variable `xRunningPrivileged` so that a manually crafted
stack frame cannot be used for privilege escalation by branching
directly inside a FreeRTOS MPU API wrapper.

We thank Certibit Consulting, LLC, Huazhong University of Science and
Technology and the SecLab team at Northeastern University for reporting
this issue.

Signed-off-by: Gaurav Aggarwal <aggarg@amazon.com>

2022-09-17 00:03:08 +05:30

port.c

Remove local stack variable form MPU wrappers

2022-09-17 00:03:08 +05:30

portmacro.h

Use highest numbered MPU regions for kernel

2022-09-17 00:03:08 +05:30