8 matches found
EUVD-2025-13439
Malicious code in bioql PyPI...
OpenVM allows the byte decomposition of pc in AUIPC chip to overflow
The fix to https://cantina.xyz/code/c486d600-bed0-4fc6-aed1-de759fd29fa2/findings/21 has a typo that still results in the highest limb of pc being range checked to 8-bits instead of 6-bits. In the AIR, we do...
CVE-2025-46723
OpenVM is a performant and modular zkVM framework built for customization and extensibility. In version 1.0.0, OpenVM is vulnerable to overflow through byte decomposition of pc in AUIPC chip. A typo results in the highest limb of pc being range checked to 8-bits instead of 6-bits. This results in...
CVE-2025-46723
OpenVM is a performant and modular zkVM framework built for customization and extensibility. In version 1.0.0, OpenVM is vulnerable to overflow through byte decomposition of pc in AUIPC chip. A typo results in the highest limb of pc being range checked to 8-bits instead of 6-bits. This results in...
CVE-2025-46723 OpenVM byte decomposition of pc in AUIPC chip can overflow
OpenVM is a performant and modular zkVM framework built for customization and extensibility. In version 1.0.0, OpenVM is vulnerable to overflow through byte decomposition of pc in AUIPC chip. A typo results in the highest limb of pc being range checked to 8-bits instead of 6-bits. This results in...
CVE-2025-46723 OpenVM byte decomposition of pc in AUIPC chip can overflow
OpenVM is a performant and modular zkVM framework built for customization and extensibility. In version 1.0.0, OpenVM is vulnerable to overflow through byte decomposition of pc in AUIPC chip. A typo results in the highest limb of pc being range checked to 8-bits instead of 6-bits. This results in...
CVE-2025-46723 OpenVM byte decomposition of pc in AUIPC chip can overflow
OpenVM is a performant and modular zkVM framework built for customization and extensibility. In version 1.0.0, OpenVM is vulnerable to overflow through byte decomposition of pc in AUIPC chip. A typo results in the highest limb of pc being range checked to 8-bits instead of 6-bits. This results in...
CVE-2025-46723
OpenVM (version 1.0.0) contains a vulnerability in the AUIPC chip path where pc limb decomposition overflows due to a off-by-one typo in the 8-bit vs 6-bit check. The root cause is a mis-specified enumeration in the pc_limbs loop, causing pc_limbs[3] to be checked with 8-bit bounds instead of 6-b...