Description
NeKernal is a free and open-source operating system stack. Prior to version 0.0.3, there are several memory safety issues that can lead to memory corruption, disk image corruption, denial of service, and potential code execution. These issues stem from unchecked memory operations, unsafe typecasting, and improper input validation. This issue has been patched in version 0.0.3.
References (5)
Core 5
Core References
Vendor Advisory x_refsource_confirm
https://github.com/nekernel-org/nekernel/security/advisories/GHSA-cmp2-5f6g-mw34
Issue Tracking x_refsource_misc
https://github.com/nekernel-org/nekernel/pull/35
Issue Tracking x_refsource_misc
https://github.com/nekernel-org/nekernel/pull/36
Patch x_refsource_misc
https://github.com/nekernel-org/nekernel/commit/6506875ad0ab210b82a5c4ce227bf851508de17d
Scores
CVSS v4
8.8
EPSS
0.0088
EPSS Percentile
75.4%
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
yes
Technical Impact
total
Details
CWE
CWE-20
CWE-770
Status
published
Products (1)
nekernel-org/nekernel
< 0.0.3
Published
Jun 24, 2025
Tracked Since
Feb 18, 2026