vulnerability

Huawei EulerOS: CVE-2021-46928: kernel security update

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:L/AC:L/Au:S/C:N/I:N/A:C)	2024-02-27	2024-07-17	2025-01-30

Severity

CVSS

(AV:L/AC:L/Au:S/C:N/I:N/A:C)

Published

2024-02-27

Added

2024-07-17

Modified

2025-01-30

Description

In the Linux kernel, the following vulnerability has been resolved:

parisc: Clear stale IIR value on instruction access rights trap

When a trap 7 (Instruction access rights) occurs, this means the CPU
couldn't execute an instruction due to missing execute permissions on
the memory region. In this case it seems the CPU didn't even fetched
the instruction from memory and thus did not store it in the cr19 (IIR)
register before calling the trap handler. So, the trap handler will find
some random old stale value in cr19.

This patch simply overwrites the stale IIR value with a constant magic
"bad food" value (0xbaadf00d), in the hope people don't start to try to
understand the various random IIR values in trap 7 dumps.

Solution(s)

huawei-euleros-2_0_sp9-upgrade-kernelhuawei-euleros-2_0_sp9-upgrade-kernel-toolshuawei-euleros-2_0_sp9-upgrade-kernel-tools-libshuawei-euleros-2_0_sp9-upgrade-python3-perf

References

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today