PT-2025-39994 · Unknown · Rocket-Chip
Heyfenny · Published 2025-09-30 · Updated 2025-12-23
CVE-2025-56301
CVSS v3.1: 7.5 (High)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions
Rocket-Chip commit f517abbf41abb65cea37421d3559f9739efd00a9 (2025-01-29)
Description
An issue exists in the Control and Status Register (CSR) logic that allows attackers to corrupt exception handling and privilege state transitions. This occurs due to a flawed interaction between exception handling and Machine Return (MRET) mechanisms when an exception is triggered during MRET execution. Specifically, when the MRET instruction is executed in machine mode without being in an exception state, an Instruction Access Fault may be triggered. This simultaneous activation of both exception handling and exception return logic leads to conflicting updates to the control and status registers, resulting in faulty trap behavior.
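The following is an added example, not Rocket-Chip code and not part of the original advisory: a reference model of the trap-entry and MRET updates from the RISC-V privileged specification, used to check a simulation trace for the overlap described above. The record layout (`cycle`, `exception`, `mret`, `pc`, `cause`, `observed`), the addresses and the "observed" state are constructed for illustration and assume a core with U-mode implemented.

```python
from dataclasses import dataclass, replace

M, U = 3, 0                      # privilege encodings; U-mode assumed implemented
IAF = 1                          # mcause: instruction access fault

@dataclass(frozen=True)
class Csr:                       # subset of state touched by trap entry and MRET
    priv: int = M
    mie: int = 0
    mpie: int = 0
    mpp: int = U
    mepc: int = 0
    mcause: int = 0

def trap_entry(s, pc, cause):    # exception taken into M-mode
    return replace(s, mpie=s.mie, mie=0, mpp=s.priv, priv=M, mepc=pc, mcause=cause)

def mret(s):                     # exception return (MPRV handling omitted)
    return replace(s, mie=s.mpie, mpie=1, priv=s.mpp, mpp=U)

def expected_next(s, ev):
    # A faulting instruction does not retire, so trap entry alone must apply
    # when one cycle signals both an exception and MRET.
    if ev["exception"]:
        return trap_entry(s, ev["pc"], ev["cause"])
    return mret(s) if ev["mret"] else s

def check_trace(start, trace):
    """Return (cycle, reason) findings for a list of per-cycle records."""
    findings, s = [], start
    for ev in trace:
        if ev["exception"] and ev["mret"]:
            findings.append((ev["cycle"], "exception and MRET asserted together"))
        if ev["observed"] != expected_next(s, ev):
            findings.append((ev["cycle"], "CSR state differs from reference"))
        s = ev["observed"]
    return findings

# Constructed sample: MRET in M-mode with no trap pending, fetch faults.
# The "observed" blend of both update paths is illustrative, not captured
# from Rocket-Chip.
START = Csr(priv=M, mie=1, mpie=0, mpp=U)
TRACE = [
    {"cycle": 1, "exception": False, "mret": False, "pc": 0x8000003C,
     "cause": 0, "observed": START},
    {"cycle": 2, "exception": True, "mret": True, "pc": 0x80000040,
     "cause": IAF, "observed": Csr(priv=U, mie=0, mpie=1, mpp=U,
                                   mepc=0x80000040, mcause=IAF)},
]
```

The same two checks can be expressed as simulation assertions on the CSR file: the exception and MRET update paths are mutually exclusive, and the post-cycle state matches exactly one of them.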
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Weakness Enumeration
Related Identifiers
Affected Products
Rocket-Chip