CVE-2021-40507

critical

Description

An issue was discovered in the ALU unit of the OR1200 (aka OpenRISC 1200) processor 2011-09-10 through 2015-11-11. The overflow flag is not being updated correctly for the subtract instruction, which results in an incorrect value in the overflow flag. Any software that relies on this flag may experience corruption in execution.

References

https://seth.engr.tamu.edu/software-releases/thehuzz/

https://github.com/openrisc/or1200/commit/2c0765d7ba12813df273cd693a99c4e744f0fbd5

Details

Source: Mitre, NVD

Published: 2023-04-18

Updated: 2023-04-27

Risk Information

CVSS v2

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Severity: Critical

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical