vulnerability

Huawei EulerOS: CVE-2021-46928: kernel security update

Severity
5
CVSS
(AV:L/AC:L/Au:S/C:N/I:N/A:C)
Published
02/27/2024
Added
07/17/2024
Modified
01/30/2025

Description

In the Linux kernel, the following vulnerability has been resolved:

parisc: Clear stale IIR value on instruction access rights trap

When a trap 7 (Instruction access rights) occurs, this means the CPU
couldn't execute an instruction due to missing execute permissions on
the memory region. In this case it seems the CPU didn't even fetched
the instruction from memory and thus did not store it in the cr19 (IIR)
register before calling the trap handler. So, the trap handler will find
some random old stale value in cr19.

This patch simply overwrites the stale IIR value with a constant magic
"bad food" value (0xbaadf00d), in the hope people don't start to try to
understand the various random IIR values in trap 7 dumps.

Solution(s)

huawei-euleros-2_0_sp9-upgrade-kernelhuawei-euleros-2_0_sp9-upgrade-kernel-toolshuawei-euleros-2_0_sp9-upgrade-kernel-tools-libshuawei-euleros-2_0_sp9-upgrade-python3-perf
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.