CloudEdge/FreeRTOS-Kernel
Archived
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
This repository has been archived on 2023-11-05. You can view files and clone it, but cannot push or open issues or pull requests.
49777e3387
FreeRTOS-Kernel/.github
History
Gaurav Aggarwal 79704b8213 Remove local stack variable form MPU wrappers 
It was possible for a third party that had already independently gained
the ability to execute injected code to achieve further privilege
escalation by branching directly inside a FreeRTOS MPU API wrapper
function with a manually crafted stack frame. This commit removes the
local stack variable `xRunningPrivileged` so that a manually crafted
stack frame cannot be used for privilege escalation by branching
directly inside a FreeRTOS MPU API wrapper.

We thank Certibit Consulting, LLC, Huazhong University of Science and
Technology and the SecLab team at Northeastern University for reporting
this issue.

Signed-off-by: Gaurav Aggarwal <aggarg@amazon.com>
2022-09-17 00:03:08 +05:30
..
actions Check: improve verbosity of url verifier (#260) 2021-02-10 16:04:08 -08:00
ISSUE_TEMPLATE Update feature_request.md (#500) 2022-06-08 22:39:39 +05:30
scripts Add RP2040 support (#341) 2021-06-30 13:20:54 -07:00
workflows Add support for MISRA rule 20.7 (#546) 2022-08-19 15:51:57 +05:30
CODEOWNERS Added CODEOWNERS file (#209) 2020-10-26 13:24:55 -07:00
CONTRIBUTING.md Run uncrustify with github workflows (#369) 2021-07-28 17:53:10 -07:00
lexicon.txt Remove local stack variable form MPU wrappers 2022-09-17 00:03:08 +05:30
pull_request_template.md Create pull_request_template.md 2020-03-17 13:11:11 -07:00
SECURITY.md Move markdown files and lexicon into .github directory (#205) 2020-10-21 18:40:43 -07:00
uncrustify.cfg Update uncrustify configuration to 0.69 (#445) 2022-01-28 10:48:03 -08:00