CVE-2026-29645

Name of the Vulnerable Software and Affected Versions NEMU (OpenXiangShan/NEMU) versions prior to v2025.12.r2

Description An improper instruction-validation flaw exists in the RISC-V Vector (RVV) decoder. The decoder fails to correctly validate the funct3 field when decoding 'vsetvli', 'vsetivli', and 'vsetvl' instructions. This allows certain invalid OP-V instruction encodings to be misinterpreted and executed as vset* configuration instructions instead of triggering an illegal-instruction exception. This can be exploited using crafted RISC-V binaries to cause incorrect trap behavior, architectural state corruption or divergence, and potential denial of service in systems relying on the software for correct execution or sandboxing.

Recommendations Update to version v2025.12.r2.