CVE-2021-46928
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
parisc: Clear stale IIR value on instruction access rights trap
When a trap 7 (Instruction access rights) occurs, this means the CPU couldn't execute an instruction due to missing execute permissions on the memory region. In this case it seems the CPU didn't even fetched the instruction from memory and thus did not store it in the cr19 (IIR) register before calling the trap handler. So, the trap handler will find some random old stale value in cr19.
This patch simply overwrites the stale IIR value with a constant magic "bad food" value (0xbaadf00d), in the hope people don't start to try to understand the various random IIR values in trap 7 dumps.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < d01e9ce1af6116f812491d3d3873d204f10ae0b8 | affected |
| Linux | Linux | 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < e96373f0a5f484bc1e193f9951dcb3adf24bf3f7 | affected |
| Linux | Linux | 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 484730e5862f6b872dca13840bed40fd7c60fa26 | affected |
| Linux | Linux | 2.6.12 | affected |
| Linux | Linux | 0 < 2.6.12 | unaffected |
| Linux | Linux | 5.10.90 <= 5.10.* | unaffected |
| Linux | Linux | 5.15.13 <= 5.15.* | unaffected |
| Linux | Linux | 5.16 <= * | unaffected |
Weaknesses
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
CVE Program Container
Additional References
- https://git.kernel.org/stable/c/d01e9ce1af6116f812491d3d3873d204f10ae0b8
- https://git.kernel.org/stable/c/e96373f0a5f484bc1e193f9951dcb3adf24bf3f7
- https://git.kernel.org/stable/c/484730e5862f6b872dca13840bed40fd7c60fa26
References
- https://git.kernel.org/stable/c/d01e9ce1af6116f812491d3d3873d204f10ae0b8
- https://git.kernel.org/stable/c/e96373f0a5f484bc1e193f9951dcb3adf24bf3f7
- https://git.kernel.org/stable/c/484730e5862f6b872dca13840bed40fd7c60fa26
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.