XiangShan 安全漏洞

XiangShan is an open-source high-performance RISC-V processor project developed by XiangShan in China. There is a security vulnerability in XiangShan, which stems from specially crafted read and write operations on the menvcfg structure, potentially causing the WPRI bit to be set unexpectedly,...

EUVD-2023-60025

In the Linux kernel, the following vulnerability has been resolved: HID: amdsfh: Fix for shift-out-of-bounds Shift operation of 'exp' and 'shift' variables exceeds the maximum number of shift values in the u32 range leading to UBSAN shift-out-of-bounds. ... 6.120512 UBSAN: shift-out-of-bounds in...

EUVD-2025-19672

Malicious code in bioql PyPI...

EUVD-2022-30857

Malicious code in bioql PyPI...

CVE-2025-45006

Improper mstatus.SUM bit retention non-zero in Open-Source RISC-V Processor commit f517abb violates privileged spec constraints, enabling potential physical memory access attacks...

CVE-2025-45006

Improper mstatus.SUM bit retention non-zero in Open-Source RISC-V Processor commit f517abb violates privileged spec constraints, enabling potential physical memory access attacks...

RISC-V Processor 安全漏洞

RISC-V Processor is an instruction set architecture from the Swiss company RISC-V. A security vulnerability exists in RISC-V Processor that stems from an improperly reserved mstatus.SUM bit leading to a physical memory access attack...

CVE-2025-45006

Improper mstatus.SUM bit retention non-zero in Open-Source RISC-V Processor commit f517abb violates privileged spec constraints, enabling potential physical memory access attacks...

PT-2025-27577 · Unknown · Open-Source Risc-V Processor

Name of the Vulnerable Software and Affected Versions: Open-Source RISC-V Processor affected versions not specified Description: The issue concerns improper retention of the mstatus.SUM bit in a non-zero state, violating privileged specification constraints. This could potentially enable attacks...

CVE-2025-45006

The CVE-2025-45006 entry concerns an issue in the Open-Source RISC-V Processor where the mstatus.SUM bit can remain non-zero, violating privileged-spec constraints. Root cause identified as improper retention in commit f517abb, enabling potential physical memory access attacks. Affected component...

CVE-2025-45006

Improper mstatus.SUM bit retention non-zero in Open-Source RISC-V Processor commit f517abb violates privileged spec constraints, enabling potential physical memory access attacks...

Detecting Hardware Trojans in Microprocessors via Hardware Error Correction Code-based Modules

Software-exploitable Hardware Trojans HTs enable attackers to execute unauthorized software or gain illicit access to privileged operations. This manuscript introduces a hardware-based methodology for detecting runtime HT activations using Error Correction Codes ECCs on a RISC-V microprocessor...

CVE-2022-26296

BOOM: The Berkeley Out-of-Order RISC-V Processor commit d77c2c3 was discovered to allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis...

CVE-2022-26296

BOOM: The Berkeley Out-of-Order RISC-V Processor commit d77c2c3 was discovered to allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis...