Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
5DescriptionCVE.org
In OpenXiangShan NEMU prior to 55295c4, when running with RVH (Hypervisor extension) enabled, a VS-mode guest write to the supervisor interrupt-enable CSR (sie) may be handled incorrectly and can influence machine-level interrupt enable state (mie). This breaks privilege/virtualization isolation and can lead to denial of service or privilege-boundary violation in environments relying on NEMU for correct interrupt virtualization.
AnalysisAI
OpenXiangShan NEMU emulator's RISC-V Hypervisor extension implementation allows VS-mode guest writes to the sie (supervisor interrupt-enable) CSR to corrupt machine-level mie state, breaking privilege isolation between virtualization layers. Fixed in commit 55295c4 per GitHub PR #938. Despite CVSS 9.8 Critical rating with network attack vector (AV:N), the EPSS score of 0.03% (9th percentile) indicates extremely low observed exploitation probability, and the vulnerability specifically affects RISC-V emulator environments rather than typical network-accessible services. No CISA KEV listing or public exploit identified at time of analysis, suggesting this is a theoretical high-severity issue in specialized research/development contexts rather than an imminent widespread threat.
Technical ContextAI
NEMU is an instruction-set emulator from the OpenXiangShan project implementing the RISC-V architecture, including the RVH (Hypervisor) extension for hardware-assisted virtualization. The vulnerability stems from incorrect handling of CSR (Control and Status Register) writes in the privilege separation logic defined by RISC-V specification chapters on Machine, Supervisor, and Hypervisor modes. The sie CSR controls interrupt enables in supervisor mode (S-mode/VS-mode in virtualized contexts), while mie controls machine-mode (M-mode) interrupts-the highest privilege level. CWE-267 (Privilege Defined With Unsafe Actions) applies because the emulator fails to properly constrain lower-privilege CSR writes, allowing guest OS code in VS-mode to manipulate M-mode state. This violates the fundamental RISC-V privilege model where each mode's CSRs must be isolated according to specification-defined access controls. The CPE data shows generic 'n/a:n/a' product identifiers, indicating NVD classification challenges for specialized emulator software rather than mainstream commercial products.
RemediationAI
Update OpenXiangShan NEMU to commit 55295c46580456d8d5a9d5736e1fda924b8825ab or later, which corrects the sie CSR write handling logic per GitHub PR #938 (https://github.com/OpenXiangShan/NEMU/pull/938). Organizations using NEMU for RISC-V development should rebuild from the patched source tree available at the OpenXiangShan GitHub repository. If immediate patching is not feasible, disable RVH (Hypervisor extension) support in NEMU build configurations to eliminate the vulnerable code path-this workaround removes virtualization capabilities but prevents privilege boundary violations. For research environments requiring RVH functionality with unpatched versions, restrict NEMU execution to isolated development systems without network access and treat all guest VMs as potentially able to escape virtualization boundaries. Review RISC-V privilege specification documentation (https://docs.riscv.org/reference/isa/priv/hypervisor.html) to understand correct CSR access control expectations when implementing custom emulator modifications. No backports to stable release branches are mentioned in available references, suggesting mainline source updates are the only remediation path.
Remote code execution in APScheduler (all versions through 3.10.x and 4.0.0a5) is achievable when applications deseriali
Unauthenticated remote OS command injection in MeiG Smart FORGE_SLT711 cellular gateway firmware MDM9607.LE.1.0-00110-ST
Unauthenticated API access in LalanaChami Pharmacy Management System (commit 5c3d028) allows remote attackers to dump al
In Citrix Cloud through 2025-11-10, an account with read-only access can trigger the beginning of a workflow for write o
Giflib 5.2.2 contains a buffer overflow in the EGifGCBToExtension function that fails to validate allocated memory when
Denial of service in GPAC's MP4Box multimedia tool (versions before 26.02.0) arises from a use-after-free in the gf_sei_
Arbitrary kernel memory read/write in Realtek rtl819x Jungle SDK Wi-Fi driver allows local unprivileged attackers to acc
Denial of service in GPAC's MP4Box/libgpac media importer (versions before 26.02.0) lets an attacker crash the tool by s
An issue in the parse_month function (/time/strptime.rs) of relibc commit ab6a2e allows attackers to cause a Denial of S
Denial of service in relibc (the Redox OS C standard library) at commit 61f42d allows attackers to crash a process by ge
An issue in the pthread_rwlockattr_setpshared() function of relibc commit 61f42d allows attackers to cause a Denial of S
Denial of service in relibc (the Redox OS C standard library implementation, commit 61f42d) lets attackers crash a proce
Same weakness CWE-267 – Privilege Defined With Unsafe Actions
View allSame technique Denial Of Service
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-23958
GHSA-729m-5x6m-wwxv