doc: security: Disclose CVE-2024-11263

Disclose information about published CVE Signed-off-by: Flavio Ceolin <flavio.ceolin@gmail.com>
2024-11-15 09:26:48 -08:00 · 2024-11-15 09:26:48 -08:00 · 7aa7e894bc
commit 7aa7e894bc
parent 275f44730e
1 changed files with 19 additions and 0 deletions
--- a/doc/security/vulnerabilities.rst
+++ b/doc/security/vulnerabilities.rst
@ -1794,3 +1794,22 @@ Under embargo until 2024-11-22
 -----------------

 Under embargo until 2025-01-23
+
+:cve:`2024-11263`
+-----------------
+
+arch: riscv: userspace: potential security risk when CONFIG_RISCV_GP=y
+
+A rogue thread can corrupt the gp reg and cause the entire system to hard fault at best, at worst,
+it can potentially trick the system to access another set of random global symbols.
+
+- `Zephyr project bug tracker GHSA-jjf3-7x72-pqm9
+  <https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-jjf3-7x72-pqm9>`_
+
+This has been fixed in main for v4.0.0
+
+- `PR 81155 fix for main
+  <https://github.com/zephyrproject-rtos/zephyr/pull/81155>`_
+
+- `PR 81370 fix for 3.7
+  <https://github.com/zephyrproject-rtos/zephyr/pull/81370>`_