mirror of
https://github.com/FreeRTOS/FreeRTOS-Kernel.git
synced 2025-11-06 03:32:34 -05:00
51ea2bfe62
It was possible for a third party that had already independently gained the ability to execute injected code to achieve further privilege escalation by branching directly inside a FreeRTOS MPU API wrapper function with a manually crafted stack frame. This commit removes the local stack variable `xRunningPrivileged` so that a manually crafted stack frame cannot be used for privilege escalation by branching directly inside a FreeRTOS MPU API wrapper. We thank Certibit Consulting, LLC, Huazhong University of Science and Technology and the SecLab team at Northeastern University for reporting this issue. Signed-off-by: Gaurav Aggarwal <aggarg@amazon.com> |
||
|---|---|---|
| .. | ||
| atomic.h | ||
| croutine.h | ||
| deprecated_definitions.h | ||
| event_groups.h | ||
| FreeRTOS.h | ||
| list.h | ||
| message_buffer.h | ||
| mpu_prototypes.h | ||
| mpu_wrappers.h | ||
| portable.h | ||
| projdefs.h | ||
| queue.h | ||
| semphr.h | ||
| stack_macros.h | ||
| StackMacros.h | ||
| stdint.readme | ||
| stream_buffer.h | ||
| task.h | ||
| timers.h | ||