CVE-2026-29643

Name of the Vulnerable Software and Affected Versions XiangShan versions prior to commit edb1dfaf7d290ae99724594507dc46c2c2125384

Description An improper exceptional-condition handling flaw exists in the CSR subsystem (NewCSR). Certain sequences of CSR operations targeting non-existent or custom CSR addresses may trigger an illegal-instruction exception but fail to reliably transfer control to the configured trap handler mtvec. This results in control-flow disruption and may leave the core in a hung or unrecoverable state, allowing a local attacker with code execution capabilities to cause a denial of service and potentially an inconsistent architectural state.

Recommendations Update to commit edb1dfaf7d290ae99724594507dc46c2c2125384 or a newer version.