CVE-2021-41612

8.8 HIGH

📋 TL;DR

This vulnerability affects the OpenRISC mor1kx processor's ALU unit, where the carry flag is incorrectly updated during subtract operations. This can cause software relying on this flag to experience execution corruption, potentially leading to crashes or incorrect calculations. Systems using the mor1kx processor in embedded or specialized computing contexts are affected.

💻 Affected Systems

Products:
  • OpenRISC mor1kx processor
Versions: All versions prior to fixes (specific version unknown, check GitHub issue)
Operating Systems: Any OS running on mor1kx processor (e.g., Linux variants for OpenRISC)
Default Config Vulnerable: ⚠️ Yes
Notes: Affects systems with mor1kx processor implementation; vulnerability is in hardware design, so all software running on it is potentially affected.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete system compromise through privilege escalation or arbitrary code execution if the flag corruption enables memory corruption or control flow hijacking.

🟠 Likely Case

Software crashes, incorrect calculations, or unpredictable behavior in applications that depend on the carry flag for arithmetic operations.

🟢 If Mitigated

Limited impact if affected software is isolated or doesn't rely heavily on the carry flag, potentially causing only minor functional errors.

🌐 Internet-Facing: LOW, as this is a hardware/processor-level vulnerability typically in embedded systems not directly internet-exposed.
🏢 Internal Only: MEDIUM, affecting internal systems using the mor1kx processor, potentially disrupting specialized applications or embedded devices.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: HIGH

Exploitation requires targeting specific software that uses the carry flag; proof-of-concept exists in GitHub issue but may not be weaponized for attacks.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check GitHub issue #139 for specific fixes; likely requires processor firmware or design updates.

Vendor Advisory: https://github.com/openrisc/mor1kx/issues/139

Restart Required: Yes

Instructions:

1. Monitor GitHub issue #139 for patches.
2. Update processor firmware or replace hardware if possible.
3. Test in non-production first.
4. Apply updates and restart affected systems.

🔧 Temporary Workarounds

Avoid subtract-dependent software

all

Identify and avoid using software that heavily relies on the carry flag for subtract operations on mor1kx.

Software workarounds

all

Modify software to avoid depending on the carry flag for critical calculations; implement software-based checks.

🧯 If You Can't Patch

  • Isolate affected systems to reduce attack surface and limit potential impact.
  • Monitor for abnormal behavior or crashes and have incident response plans ready.

🔍 How to Verify

Check if Vulnerable:

Check whether the system uses a mor1kx processor; run test programs that perform subtract operations and read the carry flag, then verify the results.

Check Version:

Check processor/firmware version via system documentation or hardware specs; no standard command.

Verify Fix Applied:

After updates, re-run the same test programs to confirm carry flag behavior is correct.
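
One way to build the test program used in the two steps above is a differential check that compares the carry seen after a subtract with a software reference model. This is an added example, not code from the mor1kx project or from issue #139; the function names, the boundary operands, the `__or1k__` macro check and the choice of `l.sub` followed by `l.addc` to copy the flag into a register are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>

/* Reference model: a 32-bit subtract a - b sets carry on unsigned
 * overflow, i.e. a borrow, which happens exactly when a < b. */
static unsigned expected_carry(uint32_t a, uint32_t b) { return a < b; }
/* An observer performs a - b somewhere and reports the carry it saw. */
typedef unsigned (*carry_observer)(uint32_t a, uint32_t b);
/* Host-side observer: borrow taken from bit 32 of a 64-bit difference. */
static unsigned wide_carry(uint32_t a, uint32_t b) {
    return (unsigned)((((uint64_t)a - b) >> 32) & 1u);
}

/* Constructed faulty observer (inverted borrow), used only to prove the
 * harness can fail; it is not a model of the mor1kx defect. */
static unsigned faulty_carry(uint32_t a, uint32_t b) { return a >= b; }

#if defined(__or1k__) /* assumption: predefined by the OpenRISC GCC port */
/* l.sub updates carry; l.addc then yields 0 + 0 + carry in a register. */
static unsigned hw_carry(uint32_t a, uint32_t b) {
    uint32_t diff, cy;
    __asm__ volatile("l.sub %0,%2,%3\n\tl.addc %1,%4,%4"
                     : "=&r"(diff), "=&r"(cy)
                     : "r"(a), "r"(b), "r"(0u) : "cc");
    return cy;
}
#define TARGET_OBSERVER hw_carry
#else
#define TARGET_OBSERVER wide_carry
#endif

/* Constructed boundary operands around 0, the sign bit and all-ones. */
static const uint32_t EDGE[] = {0u, 1u, 2u, 0x7FFFFFFFu, 0x80000000u,
                                0x80000001u, 0xFFFFFFFEu, 0xFFFFFFFFu};
#define N_EDGE (sizeof EDGE / sizeof EDGE[0])

/* Counts ordered operand pairs whose observed carry disagrees with the model. */
static unsigned count_carry_mismatches(carry_observer observe) {
    unsigned bad = 0;
    for (size_t i = 0; i < N_EDGE; i++)
        for (size_t j = 0; j < N_EDGE; j++)
            bad += (observe(EDGE[i], EDGE[j]) != 0) != expected_carry(EDGE[i], EDGE[j]);
    return bad;
}

int main(void) {
    if (count_carry_mismatches(faulty_carry) != 64) return 2; /* harness self-check */
    return count_carry_mismatches(TARGET_OBSERVER) != 0;      /* 0 = carry matches model */
}
```

A nonzero exit status on the target before the update and a zero status afterwards is the result the verification steps look for.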

📡 Detection & Monitoring

Log Indicators:

  • Unexpected application crashes, arithmetic errors in logs, or abnormal system behavior.

Network Indicators:

  • None directly; this is a local hardware issue.

SIEM Query:

Search for error logs related to arithmetic operations or process crashes on systems with mor1kx processor.
