CVE-2026-40337
Sentry kernel has incomplete ownership check for IRQ line manipulation
CVSS Score
5.1
EPSS Score
0.0%
EPSS Percentile
0th
The Sentry kernel is a high security level micro-kernel implementation made for high security embedded systems. A given task with one of the DEV or IO capability is able to interact with another task's IRQ line through the __sys_int_* syscall familly. Prior to version 0.4.7, this can lead to DoS and covert-channels between this task and the outer world. A patch is available in version 0.4.7. As a workaround, reduce tasks that have the DEV and IO capability to a single one.
| CWE | CWE-283 |
| Vendor | camelot-os |
| Product | sentry-kernel |
| Published | Apr 17, 2026 |
Stay Ahead of the Next One
Get instant alerts for camelot-os sentry-kernel
Be the first to know when new medium vulnerabilities affecting camelot-os sentry-kernel are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
CVSS v3 Breakdown
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:H Attack Vector
Local
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
None
Availability
High
Affected Versions
camelot-os / sentry-kernel
< 0.4.7