Lucene search
Veracode Vulnerability DatabaseVERACODE:36413HistoryJul 19, 2022 - 6:35 a.m.
Information Disclosure
2022-07-1906:35:23
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
29
information disclosure
vulnerability
cryptographic algorithm
rocketcore.scala
zk extensions
software
EPSS
0.001
Percentile
45.6%
rocketchip_2.12 is vulnerable to information disclosure. The vulnerability exists due to the insecure cryptographic algorithm used in RocketCore.scala, allowing an attacker to gain sensitive information through the malicious Zk extensions.
References
github.com/advisories/GHSA-hg7j-9h3g-36x3
github.com/chipsalliance/rocket-chip/commit/4f8114374d8824dfdec03f576a8cd68bebce4e56
github.com/chipsalliance/rocket-chip/pull/2906
github.com/chipsalliance/rocket-chip/pull/2950
github.com/chipsalliance/rocket-chip/pull/2950#issuecomment-1106745660
github.com/chipsalliance/rocket-chip/pull/2950#issuecomment-1107055607
github.com/chipsalliance/rocket-chip/pull/2950/commits/4f8114374d8824dfdec03f576a8cd68bebce4e56
Related
nvd
nvd
CVE-2022-34632
2022-07-18 23:15:12
prion
prion
Design/Logic Flaw
2022-07-18 23:15:00
cvelist
cvelist
CVE-2022-34632
2022-07-18 22:45:42
cve
cve
CVE-2022-34632
2022-07-18 23:15:12