exploitDog

CVE-2021-41614

Опубликовано: 18 апр. 2023

Источник: nvd

CVSS3: 7.8

EPSS Низкий

Описание

An issue was discovered in the controller unit of the OpenRISC mor1kx processor. The read/write access permissions to the Exception Program Counter Register (EPCR) are not implemented correctly. User programs from an unauthorized privilege level can make read/write accesses to EPCR.

Ссылки

https://github.com/openrisc/mor1kx/issues/140
Issue Tracking
https://seth.engr.tamu.edu/software-releases/thehuzz/
Third Party Advisory
https://github.com/openrisc/mor1kx/issues/140
Issue Tracking
https://seth.engr.tamu.edu/software-releases/thehuzz/
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:openrisc:mor1kx_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:openrisc:mor1kx:-:*:*:*:*:*:*:*

EPSS

Процентиль: 5%

0.00022

Низкий

7.8 High

CVSS3

Дефекты

NVD-CWE-noinfo

CWE-276

Связанные уязвимости

GHSA-c5gr-hg39-gr5m

CVSS3: 7.8

github

почти 3 года назад

An issue was discovered in the controller unit of the OpenRISC mor1kx processor. The read/write access permissions to the Exception Program Counter Register (EPCR) are not implemented correctly. User programs from an unauthorized privilege level can make read/write accesses to EPCR.

EPSS

Процентиль: 5%

0.00022

Низкий

7.8 High

CVSS3

Дефекты

NVD-CWE-noinfo

CWE-276