PT-2022-22256 · Cva6 · Cva6

Phantom1003

Published

2022-07-18

Updated

2022-07-26

CVE-2022-34633

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions CVA6 version d315ddd0f1be27c1b3f27eb0b8daf471a952299a

Description The issue arises when CVA6 commit d315ddd0f1be27c1b3f27eb0b8daf471a952299a executes crafted or incorrectly formatted sfence.vma instructions, which should create an exception.

Recommendations For CVA6 version d315ddd0f1be27c1b3f27eb0b8daf471a952299a, consider restricting the execution of crafted or incorrectly formatted sfence.vma instructions to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Improper Handling of Exceptional Conditions

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-755

Related Identifiers

CVE-2022-34633

Affected Products

Cva6

PT-2022-22256 · Cva6 · Cva6

CVE-2022-34633

Weakness Enumeration

Related Identifiers

Affected Products

References · 8