← back
CVE-2021-1104

CVE-2021-1104

EPSS 1.7%
The RISC-V Instruction Set Manual contains a documented ambiguity for the Machine Trap Vector Base Address (MTVEC) register that may lead to a vulnerability due to the initial state of the register not being defined, potentially leading to information disclosure, data tampering and denial of service.
Affected products
RISCV.org · Machine Trap Base Address (MTVEC) Register

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://riscv.org/news/2021/08/video-glitching-risc-v-chips-mtvec-corruption-for-hardening-isa-adam-zabrocki-and-alex-matrosov-def-con-29/