CVE-2021-1104

Summary

The RISC-V Instruction Set Manual contains a documented ambiguity for the Machine Trap Vector Base Address (MTVEC) register that may lead to a vulnerability due to the initial state of the register not being defined, potentially leading to information disclosure, data tampering and denial of service.

Affected Software

VendorProductVersion RangeStatus
RISCV.orgMachine Trap Base Address (MTVEC) RegisterAll versionsaffected

Weaknesses

  • information disclosure, data tampering and denial of service

ADP Enrichment

CVE Program Container

Additional References

References