How severe is CVE-2021-46928?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.5 out of 10.

What type of vulnerability is CVE-2021-46928?

This is classified as CWE-755, which is a common weakness in software security.

CVE-2021-46928

MEDIUM Year: 2021

CVSS v3 Score

5.5

Medium

Weakness Type

CWE-755

View all →

Vulnerability Description

In the Linux kernel, the following vulnerability has been resolved: parisc: Clear stale IIR value on instruction access rights trap When a trap 7 (Instruction access rights) occurs, this means the CPU couldn't execute an instruction due to missing execute permissions on the memory region. In this case it seems the CPU didn't even fetched the instruction from memory and thus did not store it in the cr19 (IIR) register before calling the trap handler. So, the trap handler will find some random old stale value in cr19. This patch simply overwrites the stale IIR value with a constant magic "bad food" value (0xbaadf00d), in the hope people don't start to try to understand the various random IIR values in trap 7 dumps.

CVE-2017-18672

MEDIUM

CVSS:5.5(Medium)

An issue was discovered on Samsung mobile devices with L(5.0/5.1), M(6.0), and N(7.x) software. Because of incorrect exception handling for Intents, a local attacker can force a reboot within framewor...

CWE-7552017

CVE-2018-1677

MEDIUM

CVSS:5.5(Medium)

IBM DataPower Gateways 7.1, 7.2, 7.5, 7.5.1, 7.5.2, 7.6, and 7.7 and IBM MQ Appliance are vulnerable to a denial of service, caused by the improper handling of full file system. A local attacker could...

CWE-7552018

CVE-2019-0143

MEDIUM

CVSS:5.5(Medium)

Unhandled exception in Kernel-mode drivers for Intel(R) Ethernet 700 Series Controllers versions before 7.0 may allow an authenticated user to potentially enable a denial of service via local access.

CWE-7552019

CVE-2019-20422

MEDIUM

CVSS:5.5(Medium)

In the Linux kernel before 5.3.4, fib6_rule_lookup in net/ipv6/ip6_fib.c mishandles the RT6_LOOKUP_F_DST_NOREF flag in a reference-count decision, leading to (for example) a crash that was identified ...

CWE-7552019

CVE-2019-2240

MEDIUM

CVSS:5.5(Medium)

While sending the rendered surface content to the screen, Error handling is not properly checked results in an unpredictable behaviour in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, ...

CWE-7552019

CVE-2019-2241

MEDIUM

CVSS:5.5(Medium)

While rendering the layout background, Error status check is not caught properly and also incorrect status handling is being done leading to unintended SUI behaviour in Snapdragon Auto, Snapdragon Com...

CWE-7552019

CVE-2021-46928

Vulnerability Description

Related Vulnerabilities

CVE-2017-18672

CVE-2018-1677

CVE-2019-0143

CVE-2019-20422

CVE-2019-2240

CVE-2019-2241