CVE-2024-11263

Summary

When the Global Pointer (GP) relative addressing is enabled (CONFIG_RISCV_GP=y), the gp reg points at 0x800 bytes past the start of the .sdata section which is then used by the linker to relax accesses to global symbols.

Affected Software

VendorProductVersion RangeStatus
zephyrproject-rtosZephyr* <= 3.7affected

Weaknesses

  • CWE-270: Privilege Context Switching Error

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References