Platform
linux
Component
novumos
Fixed in
0.24.1
CVE-2026-40572 is a critical vulnerability affecting NovumOS, a custom operating system. It arises from insufficient validation within the MemoryMapRange syscall, enabling user-mode processes to map arbitrary memory regions, including sensitive kernel structures. Successful exploitation allows a local attacker to escalate privileges to kernel context, potentially gaining complete control of the system. This vulnerability impacts NovumOS versions prior to 0.24, and a fix is available in version 0.24.
CVE-2026-40572 affects NovumOS, a custom 32-bit operating system, in versions prior to 0.24. The vulnerability lies within Syscall 15 (MemoryMapRange), which allows Ring 3 user-mode processes to map arbitrary virtual address ranges into their address space without validating against forbidden regions, including critical kernel structures such as the IDT, GDT, TSS, and page tables. A local attacker can exploit this to modify kernel interrupt handlers, resulting in privilege escalation from user mode to kernel context. The CVSS score is 9.0, indicating a critical impact.
A local attacker with access to a user-mode process can exploit this vulnerability. The attacker could create a malicious process that utilizes the MemoryMapRange system call to map a memory region containing malicious code into an address that overwrites kernel interrupt handlers. By executing this malicious code, the attacker could gain control of the kernel and execute code with kernel privileges. The ease of exploitation is exacerbated by the lack of validation in the system call, allowing the attacker to arbitrarily select the memory addresses to map. The local nature of the exploitation requires the attacker to have access to the system, but the severity of the vulnerability means that even limited access can be sufficient to compromise the system.
Exploit Status
EPSS
0.02% (4% percentile)
CISA SSVC
The mitigation for CVE-2026-40572 is to update NovumOS to version 0.24 or later. This version corrects the vulnerability by implementing proper validation of the memory regions that can be mapped through the MemoryMapRange system call. It is highly recommended to apply this update as soon as possible to prevent exploitation. Additionally, review system security policies to ensure only authorized processes have access to critical system calls. Monitoring system logs for suspicious activity related to memory mapping can also aid in detecting and responding to potential attacks.
Update NovumOS to version 0.24 or later to mitigate the vulnerability. This update corrects the lack of validation of arbitrary memory ranges when using the MemoryMapRange system call, preventing privilege escalation.
Vulnerability analysis and critical alerts directly to your inbox.
NovumOS is a custom 32-bit operating system written in Zig and x86 Assembly.
It allows privilege escalation from user to kernel mode, meaning an attacker can gain complete control of the system.
If you are using a version of NovumOS prior to 0.24, you are vulnerable.
Implement strict access controls and monitor system logs for suspicious activity.
Currently, there are no specific tools available, but updating to version 0.24 is the recommended solution.
CVSS Vector
Upload your dependency file and we'll tell you instantly if this and other CVEs hit you.