Lucene search
K

4 matches found

Positive Technologies
Positive Technologies
added 2025/08/09 12:0 a.m.6 views

PT-2025-32455 · Sonicboom · Sonicboom

Name of the Vulnerable Software and Affected Versions: riscv-boom SonicBOOM versions through 2.2.3 Description: A timing discrepancy exists in the L1 Data Cache Handler component of the software. This issue is considered problematic and requires local access for exploitation, which is described a...

2.5CVSS6.6AI score0.00148EPSS
Exploits0References10
RedhatCVE
RedhatCVE
added 2025/06/23 8:41 a.m.8 views

CVE-2025-52484

RISC Zero is a general computing platform based on zk-STARKs and the RISC-V microarchitecture. Due to a missing constraint in the rv32im circuit, any 3-register RISC-V instruction including remu and divu in risc0-zkvm 2.0.0, 2.0.1, and 2.0.2 are vulnerable to an attack by a malicious prover. The...

6.9CVSS7.2AI score0.00237EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2025/06/20 6:8 p.m.19 views

zkVM Underconstrained Vulnerability

Due to a missing constraint in the rv32im circuit, any 3-register RISC-V instruction including remu and divu in risc0-zkvm 2.0.0, 2.0.1, and 2.0.2 are vulnerable to an attack by a malicious prover. The main idea for the attack is to confuse the RISC-V virtual machine into treating the value of th...

6.9CVSS6.3AI score0.00237EPSS
Exploits0References9Affected Software2
Cvelist
Cvelist
added 2025/06/18 11:3 a.m.9 views

CVE-2022-50225 riscv:uprobe fix SR_SPIE set/clear handling

In the Linux kernel, the following vulnerability has been resolved: riscv:uprobe fix SRSPIE set/clear handling In riscv the process of uprobe going to clear spie before exec the origin insn,and set spie after that.But When access the page which origin insn has been placed a page fault may happen...

0.00144EPSS
Exploits0References4
Rows per page
Query Builder