Vulnerability Description
NovumOS is a custom 32-bit operating system written in Zig and x86 Assembly. In versions prior to 0.24, Syscall 12 (JumpToUser) accepts an arbitrary entry point address from user-space registers without validation, allowing any Ring 3 user-mode process to jump to kernel addresses and execute arbitrary code in Ring 0 context, resulting in local privilege escalation. This issue has been fixed in version 0.24. If developers are unable to immediately update, they should restrict syscall access by running the system in single-user mode without Ring 3, and disable user-mode processes by only running kernel shell with no user processes. This issue has been fixed in version 0.24.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Minecanton209 | Novumos | < 0.24 |
Related Weaknesses (CWE)
References
- https://github.com/MinecAnton209/NovumOS/releases/tag/v0.24Release Notes
- https://github.com/MinecAnton209/NovumOS/security/advisories/GHSA-xjx3-gjh9-45fmExploitVendor Advisory
- https://github.com/MinecAnton209/NovumOS/security/advisories/GHSA-xjx3-gjh9-45fmExploitVendor Advisory
FAQ
What is CVE-2026-40317?
CVE-2026-40317 is a vulnerability with a CVSS score of 9.3 (CRITICAL). NovumOS is a custom 32-bit operating system written in Zig and x86 Assembly. In versions prior to 0.24, Syscall 12 (JumpToUser) accepts an arbitrary entry point address from user-space registers witho...
How severe is CVE-2026-40317?
CVE-2026-40317 has been rated CRITICAL with a CVSS base score of 9.3/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2026-40317?
Check the references section above for vendor advisories and patch information. Affected products include: Minecanton209 Novumos.