发布时间: 2024年4月12日
修改时间: 2024年5月27日
In the Linux kernel, the following vulnerability has been resolved:parisc: Clear stale IIR value on instruction access rights trapWhen a trap 7 (Instruction access rights) occurs, this means the CPUcouldn t execute an instruction due to missing execute permissions onthe memory region. In this case it seems the CPU didn t even fetchedthe instruction from memory and thus did not store it in the cr19 (IIR)register before calling the trap handler. So, the trap handler will findsome random old stale value in cr19.This patch simply overwrites the stale IIR value with a constant magic bad food value (0xbaadf00d), in the hope people don t start to try tounderstand the various random IIR values in trap 7 dumps.
| NVD | openEuler | |
|---|---|---|
| CVSS评分 | 5.5 | 4.4 |
| Attack Vector | Local | Local |
| Attack Complexity | Low | Low |
| Privileges Required | Low | High |
| User Interaction | None | None |
| Scope | Unchanged | Unchanged |
| Confidentiality | None | None |
| Integrity | None | None |
| Availability | High | High |
| 公告名 | 概要 | 发布时间 |
|---|---|---|
| KylinSec-SA-2024-4772 | kernel security update | 2024年4月12日 |
| 产品 | 包 | 状态 |
|---|---|---|
| KY3.4-4A | kernel | Fixed |
| KY3.4-5A | kernel | Fixed |
| KY3.5.1 | kernel | Unaffected |
| KY3.5.2 | kernel | Unaffected |
