← Retour aux CVEs
CVE-2021-40506
CRITICAL9.8
Description
An issue was discovered in the ALU unit of the OR1200 (aka OpenRISC 1200) processor 2011-09-10 through 2015-11-11. The overflow flag is not being updated for the msb and mac instructions, which results in an incorrect value in the overflow flag. Any software that relies on this flag may experience corruption in execution.
Details CVE
Score CVSS v3.19.8
SeveriteCRITICAL
Vecteur CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vecteur d'attaqueNETWORK
ComplexiteLOW
Privileges requisNONE
Interaction utilisateurNONE
Publie4/18/2023
Derniere modification2/6/2025
Sourcenvd
Observations honeypot0
Produits affectes
openrisc:or1200openrisc:or1200_firmware
Faiblesses (CWE)
CWE-287CWE-287
References
https://seth.engr.tamu.edu/software-releases/thehuzz/(cve@mitre.org)
https://github.com/openrisc/or1200/commit/2c0765d7ba12813df273cd693a99c4e744f0fbd5(af854a3a-2127-422b-91ae-364da2661108)
https://seth.engr.tamu.edu/software-releases/thehuzz/(af854a3a-2127-422b-91ae-364da2661108)
Correlations IOC
Aucune correlation enregistree
This product uses data from the NVD API but is not endorsed or certified by the NVD.