CVE-2021-41613

EUVD-2021-28627
An issue was discovered in the controller unit of the OpenRISC mor1kx processor. The write logic of Exception Effective Address Register (EEAR) is not implemented correctly. User programs from authorized privilege levels will be unable to write to EEAR.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.3 MEDIUM
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
CISA-ADPADP
4.3 MEDIUM
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 42%
Affected Products (NVD)
VendorProductVersion
openriscmor1kx_firmware
𝑥
< 5.1
𝑥
= Vulnerable software versions
References
https://github.com/openrisc/mor1kx/issues/141
https://seth.engr.tamu.edu/software-releases/thehuzz/
https://github.com/openrisc/mor1kx/issues/141
https://seth.engr.tamu.edu/software-releases/thehuzz/