CVE-2024-11263
NixOS vulnerability analysis and mitigation

Overview

CVE-2024-11263 is a critical security vulnerability discovered in the Zephyr Real-Time Operating System (RTOS) affecting versions up to and including 3.7. The vulnerability was disclosed on November 15, 2024, and relates to the Global Pointer (GP) relative addressing feature, which is enabled with the CONFIG_RISCV_GP=y configuration option (Zephyr Advisory).

Technical details

The vulnerability occurs when Global Pointer (GP) relative addressing is enabled (CONFIG_RISCV_GP=y). In this configuration, the gp register points 0x800 bytes past the start of the .sdata section, and the linker uses it to relax accesses to global symbols into gp-relative accesses. The flaw is that the gp register is not protected against writes from userspace, so code running in a user thread can change it. The vulnerability has received a CVSS v3.1 base score of 9.3 CRITICAL with vector string CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H (NVD).

Impact

The vulnerability can allow a rogue thread to corrupt the gp register, potentially causing the entire system to hard fault. In more severe scenarios, it could trick the system into accessing random global symbols, leading to system compromise. The impact is particularly severe as it affects system integrity, confidentiality, and availability with high severity ratings (Zephyr Advisory).

Mitigation and workarounds

Two patches have been proposed to address this vulnerability: #81155 for the main branch and #81370 for v3.7. The expected behavior is that the gp register should remain constant. Users are advised to apply these patches to protect their systems (Zephyr Advisory).
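The following triage check is an added example, not code from the advisory or from the Zephyr project. It reads a build's Kconfig output and version file and reports whether the build matches the conditions described above. It assumes that user threads are gated by CONFIG_USERSPACE and that the version file uses the VERSION_MAJOR / VERSION_MINOR layout; both sample inputs are constructed.

```python
import re

# Constructed sample inputs (not taken from a real build tree).
SAMPLE_CONFIG = """\
CONFIG_RISCV=y
CONFIG_RISCV_GP=y
CONFIG_USERSPACE=y
# CONFIG_FPU is not set
"""
SAMPLE_VERSION = """\
VERSION_MAJOR = 3
VERSION_MINOR = 7
PATCHLEVEL = 0
"""

def parse_kconfig(text):
    """Return {symbol: value} for a Kconfig .config; unset symbols map to 'n'."""
    opts = {}
    for line in text.splitlines():
        line = line.strip()
        m = re.fullmatch(r"# (CONFIG_\w+) is not set", line)
        if m:
            opts[m.group(1)] = "n"
        elif line.startswith("CONFIG_") and "=" in line:
            key, _, val = line.partition("=")
            opts[key] = val.strip('"')
    return opts

def parse_version(text):
    """Return (major, minor) from a VERSION file (layout is an assumption)."""
    fields = dict(re.findall(r"^(\w+)[ \t]*=[ \t]*(\d+)[ \t]*$", text, re.M))
    return int(fields["VERSION_MAJOR"]), int(fields["VERSION_MINOR"])

def triage(config_text, version_text):
    """Classify a build against the conditions the advisory describes."""
    opts = parse_kconfig(config_text)
    if opts.get("CONFIG_RISCV_GP") != "y":
        return "not-affected: GP relative addressing is disabled"
    if opts.get("CONFIG_USERSPACE") != "y":  # assumption: gates user threads
        return "no-user-threads: GP enabled, userspace not configured"
    if parse_version(version_text) <= (3, 7):
        return "review: GP + userspace on <= 3.7, confirm #81155/#81370 applied"
    return "outside-range: version is above the affected range (<= 3.7)"

if __name__ == "__main__":
    print(triage(SAMPLE_CONFIG, SAMPLE_VERSION))
```

A "review" result cannot tell a patched 3.7 tree from an unpatched one, because the version number alone does not show whether the fix was applied; check the source tree for the patch itself.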

This report was generated using AI.