riscv-software-src/riscv-isa-sim

riscv-software-src/riscv-isa-sim

riscv.atlassian.net

Releases3

Frequency1 year 8 months

Last Release over 3 years ago

Stars3.13K

Spike, a RISC-V ISA Simulator

Log in to subscribe

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2025-50897 ↗	Aug 19, 2025Tuesday, 19 August 2025, 15:15	4.3 MEDIUM	—
A vulnerability exists in riscv-boom SonicBOOM 1.2 (BOOMv1.2) processor implementation, where valid virtual-to-physical address translations configured with write permissions (PTE_W) in SV39 mode may incorrectly trigger a Store/AMO access fault during store instructions (sd). This occurs despite the presence of proper page table entries and valid memory access modes. The fault is reproducible when transitioning into virtual memory and attempting store operations in mapped kernel memory, indicating a potential flaw in the MMU, PMP, or memory access enforcement logic. This may cause unexpected kernel panics or denial of service in systems using BOOMv1.2.
CVE-2022-34642 ↗	Jul 18, 2022Monday, 18 July 2022, 23:15	5.5 MEDIUM	—
The component mcontrol.action in RISCV ISA Sim commit ac466a21df442c59962589ba296c702631e041b5 contains the incorrect mask which can cause a Denial of Service (DoS).
CVE-2022-34643 ↗	Jul 18, 2022Monday, 18 July 2022, 23:15	5.5 MEDIUM	—
RISCV ISA Sim commit ac466a21df442c59962589ba296c702631e041b5 implements the incorrect exception priotrity when accessing memory.