CVE-2026-40317

NovumOS · NovumOS

NovumOS Syscall 12 allows unprivileged user-space processes to jump to kernel addresses, resulting in local privilege escalation to Ring 0.

Executive summary

A critical local privilege escalation vulnerability in NovumOS allows unprivileged users to execute arbitrary code in the kernel context.

Vulnerability

The kernel fails to validate the entry point address provided to Syscall 12 (JumpToUser), enabling a Ring 3 user-mode process to redirect execution flow into Ring 0 kernel space.
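An added illustration of the missing check (not NovumOS code and not the project's fix): an unchecked entry-point handler beside one that accepts only addresses inside a user-accessible, executable mapping. The region table, flag names, function names and addresses are assumptions made for the example; the page does not describe NovumOS's memory layout.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

/* Assumed flags and layout, for illustration; not NovumOS's real memory map. */
#define REGION_USER 0x1u /* reachable from Ring 3 */
#define REGION_EXEC 0x2u /* executable */
#define USER_EXEC (REGION_USER | REGION_EXEC)

struct region { uint64_t base, size; uint32_t flags; };

/* Constructed sample address space for one process. */
static const struct region sample_map[] = {
    { 0x00100000, 0x00200000, REGION_EXEC },  /* kernel text (Ring 0 only) */
    { 0x40000000, 0x00010000, USER_EXEC },    /* user text */
    { 0x40010000, 0x00008000, REGION_USER },  /* user data, not executable */
};
#define SAMPLE_MAP_LEN (sizeof sample_map / sizeof sample_map[0])

/* Unchecked form, the behaviour the advisory describes: any address is accepted. */
int jump_to_user_unchecked(uint64_t entry, uint64_t *target)
{
    *target = entry;
    return 0;
}

/* True only if entry falls inside a mapping that is user-accessible and executable. */
bool entry_is_user_code(const struct region *map, size_t n, uint64_t entry)
{
    for (size_t i = 0; i < n; i++) {
        /* Subtraction form cannot overflow the way base + size can. */
        if (entry >= map[i].base && entry - map[i].base < map[i].size)
            return (map[i].flags & USER_EXEC) == USER_EXEC;
    }
    return false; /* unmapped addresses are rejected */
}

/* Checked form: returns 0 and sets *target, or -1 and leaves *target untouched. */
int jump_to_user_checked(const struct region *map, size_t n,
                         uint64_t entry, uint64_t *target)
{
    if (!entry_is_user_code(map, n, entry))
        return -1;
    *target = entry;
    return 0;
}
```

A rejection from the checked form is also a natural place to emit the log event that the monitoring guidance under Remediation relies on.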

Business impact

With a CVSS score of 9.3, this flaw enables complete system compromise by any local user. An attacker gaining low-level access can escalate privileges to the highest level, resulting in total control over the operating system, potential data exfiltration, and the ability to disable security controls.

Remediation

Immediate Action: Update the NovumOS operating system to version 0.24 or later to implement proper syscall validation.

Proactive Monitoring: Monitor system logs for unauthorized attempts to invoke Syscall 12 or suspicious execution patterns originating from standard user processes.

Compensating Controls: If patching is delayed, restrict system access to single-user mode or disable support for user-mode processes to eliminate the attack surface for this syscall.

Exploitation status

Public Exploit Available: Not specified.

Analyst recommendation

This vulnerability is critical due to the direct path it provides for full system takeover. Organizations using NovumOS must treat the upgrade to version 0.24 as a high-priority security action to remediate this kernel-level privilege escalation risk.