5.5
CVE-2021-46928
- EPSS 0.23%
- Veröffentlicht 27.02.2024 10:15:07
- Zuletzt bearbeitet 21.11.2024 06:34:57
- CVE-Watchlists
- Unerledigt
parisc: Clear stale IIR value on instruction access rights trap
In the Linux kernel, the following vulnerability has been resolved: parisc: Clear stale IIR value on instruction access rights trap When a trap 7 (Instruction access rights) occurs, this means the CPU couldn't execute an instruction due to missing execute permissions on the memory region. In this case it seems the CPU didn't even fetched the instruction from memory and thus did not store it in the cr19 (IIR) register before calling the trap handler. So, the trap handler will find some random old stale value in cr19. This patch simply overwrites the stale IIR value with a constant magic "bad food" value (0xbaadf00d), in the hope people don't start to try to understand the various random IIR values in trap 7 dumps.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version < 5.10.90
Linux ≫ Linux Kernel Version >= 5.11.0 < 5.15.13
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.23% | 0.129 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-755 Improper Handling of Exceptional Conditions
The product does not handle or incorrectly handles an exceptional condition.
https://git.kernel.org/stable/c/484730e5862f6b872dca13840bed40fd7c60fa26
https://git.kernel.org/stable/c/d01e9ce1af6116f812491d3d3873d204f10ae0b8
https://git.kernel.org/stable/c/e96373f0a5f484bc1e193f9951dcb3adf24bf3f7