Skip to main content

Cva6

10 CVEs product

Monthly

CVE-2022-34641 MEDIUM POC PATCH This Month

CVA6 commit d315ddd0f1be27c1b3f27eb0b8daf471a952299a and RISCV-Boom commit ad64c5419151e5e886daee7084d8399713b46b4b implements the incorrect exception type when a PMP violation occurs during address. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available.

Information Disclosure Riscvc Boom Cva6
NVD GitHub
CVSS 3.1
5.5
EPSS
0.3%
CVE-2022-34640 MEDIUM POC This Month

The *tval of ecall/ebreak in CVA6 commit d315ddd0f1be27c1b3f27eb0b8daf471a952299a was discovered to be incorrect. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Cva6
NVD GitHub
CVSS 3.1
5.5
EPSS
0.2%
CVE-2022-34639 MEDIUM POC PATCH This Month

CVA6 commit d315ddd0f1be27c1b3f27eb0b8daf471a952299a treats non-standard fence instructions as illegal which can affect the function of the application. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available.

Information Disclosure Cva6
NVD GitHub
CVSS 3.1
5.5
EPSS
0.2%
CVE-2022-34637 MEDIUM POC This Month

CVA6 commit d315ddd0f1be27c1b3f27eb0b8daf471a952299a implements an incorrect exception type when an illegal virtual address is loaded. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Cva6
NVD GitHub
CVSS 3.1
5.5
EPSS
0.2%
CVE-2022-34636 MEDIUM POC This Month

CVA6 commit d315ddd0f1be27c1b3f27eb0b8daf471a952299a and RISCV-Boom commit ad64c5419151e5e886daee7084d8399713b46b4b implements the incorrect exception type when a PMA violation occurs during address. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Cva6
NVD GitHub
CVSS 3.1
5.5
EPSS
0.2%
CVE-2022-34635 CRITICAL POC Act Now

The mstatus.sd field in CVA6 commit d315ddd0f1be27c1b3f27eb0b8daf471a952299a does not update when the mstatus.fs field is set to Dirty. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Cva6
NVD GitHub
CVSS 3.1
9.8
EPSS
0.8%
CVE-2022-34634 MEDIUM POC This Month

CVA6 commit d315ddd0f1be27c1b3f27eb0b8daf471a952299a executes crafted or incorrectly formatted det instructions rather create an exception. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Cva6
NVD GitHub
CVSS 3.1
5.5
EPSS
0.2%
CVE-2022-34633 MEDIUM POC This Month

CVA6 commit d315ddd0f1be27c1b3f27eb0b8daf471a952299a executes crafted or incorrectly formatted sfence.vma instructions rather create an exception. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Cva6
NVD GitHub
CVSS 3.1
5.5
EPSS
0.2%
CVE-2022-33023 HIGH This Week

CVA6 commit 909d85a gives incorrect permission to use special multiplication units when the format of instructions is wrong. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Cva6
NVD GitHub
CVSS 3.1
7.5
EPSS
0.6%
CVE-2022-33021 HIGH POC This Week

CVA6 commit 909d85a accesses invalid memory when reading the value of MHPMCOUNTER30. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Cva6
NVD GitHub
CVSS 3.1
7.5
EPSS
1.0%
EPSS 0% CVSS 5.5
MEDIUM POC PATCH This Month

CVA6 commit d315ddd0f1be27c1b3f27eb0b8daf471a952299a and RISCV-Boom commit ad64c5419151e5e886daee7084d8399713b46b4b implements the incorrect exception type when a PMP violation occurs during address. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available.

Information Disclosure Riscvc Boom Cva6
NVD GitHub
EPSS 0% CVSS 5.5
MEDIUM POC This Month

The *tval of ecall/ebreak in CVA6 commit d315ddd0f1be27c1b3f27eb0b8daf471a952299a was discovered to be incorrect. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Cva6
NVD GitHub
EPSS 0% CVSS 5.5
MEDIUM POC PATCH This Month

CVA6 commit d315ddd0f1be27c1b3f27eb0b8daf471a952299a treats non-standard fence instructions as illegal which can affect the function of the application. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available.

Information Disclosure Cva6
NVD GitHub
EPSS 0% CVSS 5.5
MEDIUM POC This Month

CVA6 commit d315ddd0f1be27c1b3f27eb0b8daf471a952299a implements an incorrect exception type when an illegal virtual address is loaded. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Cva6
NVD GitHub
EPSS 0% CVSS 5.5
MEDIUM POC This Month

CVA6 commit d315ddd0f1be27c1b3f27eb0b8daf471a952299a and RISCV-Boom commit ad64c5419151e5e886daee7084d8399713b46b4b implements the incorrect exception type when a PMA violation occurs during address. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Cva6
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

The mstatus.sd field in CVA6 commit d315ddd0f1be27c1b3f27eb0b8daf471a952299a does not update when the mstatus.fs field is set to Dirty. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Cva6
NVD GitHub
EPSS 0% CVSS 5.5
MEDIUM POC This Month

CVA6 commit d315ddd0f1be27c1b3f27eb0b8daf471a952299a executes crafted or incorrectly formatted det instructions rather create an exception. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Cva6
NVD GitHub
EPSS 0% CVSS 5.5
MEDIUM POC This Month

CVA6 commit d315ddd0f1be27c1b3f27eb0b8daf471a952299a executes crafted or incorrectly formatted sfence.vma instructions rather create an exception. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Cva6
NVD GitHub
EPSS 1% CVSS 7.5
HIGH This Week

CVA6 commit 909d85a gives incorrect permission to use special multiplication units when the format of instructions is wrong. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Cva6
NVD GitHub
EPSS 1% CVSS 7.5
HIGH POC This Week

CVA6 commit 909d85a accesses invalid memory when reading the value of MHPMCOUNTER30. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Cva6
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy