System call entry on Cortex M (and possibly R and A, but I think not) has a race which allows very practical privilege escalation for malicious userspace processes.
{
"cwe_ids": [
"CWE-270"
],
"osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/9xxx/CVE-2025-9408.json",
"cna_assigner": "zephyr"
}