U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Vulnerability Change Records for CVE-2021-46928

Change History

New CVE Received by NIST 2/27/2024 5:15:07 AM

Action Type Old Value New Value
Added Description

								
							
							
						
In the Linux kernel, the following vulnerability has been resolved:

parisc: Clear stale IIR value on instruction access rights trap

When a trap 7 (Instruction access rights) occurs, this means the CPU
couldn't execute an instruction due to missing execute permissions on
the memory region.  In this case it seems the CPU didn't even fetched
the instruction from memory and thus did not store it in the cr19 (IIR)
register before calling the trap handler. So, the trap handler will find
some random old stale value in cr19.

This patch simply overwrites the stale IIR value with a constant magic
"bad food" value (0xbaadf00d), in the hope people don't start to try to
understand the various random IIR values in trap 7 dumps.
Added Reference

								
							
							
						
Linux https://git.kernel.org/stable/c/484730e5862f6b872dca13840bed40fd7c60fa26 [No types assigned]
Added Reference

								
							
							
						
Linux https://git.kernel.org/stable/c/d01e9ce1af6116f812491d3d3873d204f10ae0b8 [No types assigned]
Added Reference

								
							
							
						
Linux https://git.kernel.org/stable/c/e96373f0a5f484bc1e193f9951dcb3adf24bf3f7 [No types assigned]