Vulnerabilities > CVE-2021-41612 - Unspecified vulnerability in Openrisc Mor1Kx Firmware

CVSS 8.8 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

openrisc

NVD

Published: 2023-04-18

Updated: 2023-04-27

Summary

An issue was discovered in the ALU unit of the OpenRISC mor1kx processor. The carry flag is not being updated correctly for the subtract instruction, which results in an incorrect value of the carry flag. Any software that relies on this flag may experience corruption in execution.

Vulnerable Configurations

Part	Description	Count
OS	Openrisc Openrisc Mor1Kx Firmware *	1
Hardware	Openrisc Openrisc Mor1Kx -	1

References

https://seth.engr.tamu.edu/software-releases/thehuzz/
https://github.com/openrisc/mor1kx/issues/139