Description
The Sentry kernel is a high security level micro-kernel implementation made for high security embedded systems. A given task with one of the DEV or IO capability is able to interact with another task's IRQ line through the __sys_int_* syscall familly. Prior to version 0.4.7, this can lead to DoS and covert-channels between this task and the outer world. A patch is available in version 0.4.7. As a workaround, reduce tasks that have the DEV and IO capability to a single one.
Published: 2026-04-17
Score: 5.1 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Denial of Service and Covert Channel
Action: Apply Patch
AI Analysis

Impact

The Sentry kernel implements a sys_int_* syscall family that allows tasks to manipulate IRQ lines. An incomplete ownership check permits a task that holds DEV or IO capability to alter the IRQ configuration of another task, leading to a denial‑of‑service by disrupting interrupt handling or forging a covert channel between the two tasks and the external environment. This flaw is an improper access control error categorized as CWE‑283.

Affected Systems

Camelot‑OS Sentry Kernel versions earlier than 0.4.7 are vulnerable. Any embedded system running one of these kernel releases is affected.

Risk and Exploitability

The CVSS score of 5.1 denotes moderate severity; the EPSS score is not available and the issue is not listed in CISA to- be exploited vulnerabilities. Based on the description, it is inferred that an attacker must be able to execute a task with DEV or IO capability, which suggests a local or compromised‑process attack vector. Consequently, the risk is limited to environments where such privileges can be obtained, and no remote exploitation mechanism is explicitly disclosed.

Generated by OpenCVE AI on April 18, 2026 at 17:03 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade to Sentry Kernel 0.4.7 or later, which contains the patch correcting the ownership check.
  • As an interim fix, ensure that only one task has DEV and IO capability, preventing cross‑task IRQ manipulation.
  • Re‑evaluate task capability assignments to reduce the number of privileged tasks and enforce stricter isolation.

Generated by OpenCVE AI on April 18, 2026 at 17:03 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Mon, 20 Apr 2026 17:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Mon, 20 Apr 2026 15:15:00 +0000

Type Values Removed Values Added
First Time appeared Camelot-os
Camelot-os sentry-kernel
Vendors & Products Camelot-os
Camelot-os sentry-kernel

Sat, 18 Apr 2026 00:00:00 +0000

Type Values Removed Values Added
Description The Sentry kernel is a high security level micro-kernel implementation made for high security embedded systems. A given task with one of the DEV or IO capability is able to interact with another task's IRQ line through the __sys_int_* syscall familly. Prior to version 0.4.7, this can lead to DoS and covert-channels between this task and the outer world. A patch is available in version 0.4.7. As a workaround, reduce tasks that have the DEV and IO capability to a single one.
Title Sentry kernel has incomplete ownership check for IRQ line manipulation
Weaknesses CWE-283
References
Metrics cvssV3_1

{'score': 5.1, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:H'}

Subscriptions

Camelot-os Sentry-kernel
cve-icon MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-04-20T16:13:48.908Z

Reserved: 2026-04-10T22:50:01.358Z

Link: CVE-2026-40337

cve-icon Vulnrichment

Updated: 2026-04-20T16:13:43.170Z

cve-icon NVD

Status : Deferred

Published: 2026-04-18T00:16:37.667

Modified: 2026-04-29T21:08:02.250

Link: CVE-2026-40337

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-20T14:59:04Z

Weaknesses