The first of two issues reside in the Normal World application READ_IMPLIES_EXEC personality that can be exploited through specially crafted shellcode that would cause a process’
heap to become executable. The vulnerability affects version 20.07 of Azure Sphere. The second issue of them was found in /proc/thread-self/mem and can be exploited via specially crafted shellcode designed to cause a process’ non-writable memory to be written
to. An attacker could supply shellcode specifically designed to modify the program and trigger the vulnerability.
Learn more >