CVE-2026-29644
- EPSS 0.1%
- Veröffentlicht 21.04.2026 00:00:00
- Zuletzt bearbeitet 21.04.2026 18:16:34
XiangShan (open-source high-performance RISC-V processor) commit edb1dfaf7d290ae99724594507dc46c2c2125384 (2024-11-28) has improper gating of its distributed CSR write-enable path, allowing illegal CSR write attempts to alter custom PMA (Physical Mem...
CVE-2026-29642
- EPSS 0.11%
- Veröffentlicht 20.04.2026 00:00:00
- Zuletzt bearbeitet 21.04.2026 20:16:40
A local attacker who can execute privileged CSR operations (or can induce firmware to do so) performs carefully crafted reads/writes to menvcfg (e.g., csrrs in M-mode). On affected XiangShan versions (commit aecf601e803bfd2371667a3fb60bfcd83c333027, ...
CVE-2026-29643
- EPSS 0.16%
- Veröffentlicht 20.04.2026 00:00:00
- Zuletzt bearbeitet 21.04.2026 20:16:40
XiangShan (Open-source high-performance RISC-V processor) commit edb1dfaf7d290ae99724594507dc46c2c2125384 (2024-11-28) contains an improper exceptional-condition handling flaw in its CSR subsystem (NewCSR). On affected versions, certain sequences of ...
CVE-2025-63094
- EPSS 0.49%
- Veröffentlicht 10.12.2025 00:00:00
- Zuletzt bearbeitet 02.01.2026 21:23:35
XiangShan Nanhu V2 and XiangShan Kunmighu V3 were discovered to use speculative execution and indirect branch prediction, allowing attackers to access sensitive information via side-channel analysis of the data cache.