Phantom1003

**Name of the Vulnerable Software and Affected Versions** CVA6 version d315ddd0f1be27c1b3f27eb0b8daf471a952299a **Description** The issue arises when CVA6 commit d315ddd0f1be27c1b3f27eb0b8daf471a952299a executes crafted or incorrectly formatted sfence.vma instructions, which should create an exception. **Recommendations** For CVA6 version d315ddd0f1be27c1b3f27eb0b8daf471a952299a, consider restricting the execution of crafted or incorrectly formatted sfence.vma instructions to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** CVA6 version d315ddd0f1be27c1b3f27eb0b8daf471a952299a **Description** The issue arises when CVA6 commit d315ddd0f1be27c1b3f27eb0b8daf471a952299a executes crafted or incorrectly formatted det instructions, which it fails to handle by creating an exception. **Recommendations** For CVA6 version d315ddd0f1be27c1b3f27eb0b8daf471a952299a, consider implementing proper exception handling for det instructions to prevent potential issues. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** CVA6 version d315ddd0f1be27c1b3f27eb0b8daf471a952299a **Description** The issue is related to the mstatus.sd field not updating when the mstatus.fs field is set to Dirty in the CVA6 commit. **Recommendations** For version d315ddd0f1be27c1b3f27eb0b8daf471a952299a, as a temporary workaround, consider monitoring the mstatus.fs field to ensure it does not interfere with the expected functionality of the mstatus.sd field until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** CVA6 version d315ddd0f1be27c1b3f27eb0b8daf471a952299a RISCV-Boom version ad64c5419151e5e886daee7084d8399713b46b4b **Description** The issue arises when a PMA violation occurs during address translation, resulting in the implementation of an incorrect exception type. **Recommendations** For CVA6 version d315ddd0f1be27c1b3f27eb0b8daf471a952299a, consider updating to a version that correctly handles PMA violations. For RISCV-Boom version ad64c5419151e5e886daee7084d8399713b46b4b, consider updating to a version that correctly handles PMA violations. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** CVA6 (affected versions not specified) **Description** The issue arises from an incorrect exception type being implemented when an illegal virtual address is loaded, specifically in CVA6 commit d315ddd0f1be27c1b3f27eb0b8daf471a952299a. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** CVA6 (affected versions not specified) **Description** The issue arises from the treatment of non-standard fence instructions as illegal, which can impact the application's functionality. This behavior is observed in a specific commit. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** CVA6 version d315ddd0f1be27c1b3f27eb0b8daf471a952299a **Description** The issue concerns an incorrect `*tval` of `ecall/ebreak` in the specified CVA6 commit. **Recommendations** For CVA6 version d315ddd0f1be27c1b3f27eb0b8daf471a952299a, at the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** CVA6 version d315ddd0f1be27c1b3f27eb0b8daf471a952299a RISCV-Boom version ad64c5419151e5e886daee7084d8399713b46b4b **Description** The issue arises from the implementation of the incorrect exception type when a PMP violation occurs during address translation. This is a result of the commits made to CVA6 and RISCV-Boom. **Recommendations** For CVA6 version d315ddd0f1be27c1b3f27eb0b8daf471a952299a, consider updating to a version that correctly handles PMP violations. For RISCV-Boom version ad64c5419151e5e886daee7084d8399713b46b4b, consider updating to a version that correctly handles PMP violations. As a temporary workaround, consider disabling the address translation functionality until a patch is available.

**Name of the Vulnerable Software and Affected Versions** RISCV ISA Sim (affected versions not specified) **Description** The component mcontrol.action in RISCV ISA Sim contains an incorrect mask, which can cause a Denial of Service (DoS). **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** RISCV ISA Sim (affected versions not specified) **Description** The issue is related to the implementation of exception priority when accessing memory in RISCV ISA Sim. Specifically, commit ac466a21df442c59962589ba296c702631e041b5 is mentioned as implementing the incorrect exception priority. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.