exploitDog

CVE-2025-63384

Опубликовано: 10 нояб. 2025

Источник: nvd

CVSS3: 6.5

EPSS Низкий

Описание

A vulnerability was discovered in RISC-V Rocket-Chip v1.6 and before implementation where the SRET (Supervisor-mode Exception Return) instruction fails to correctly transition the processor's privilege level. Instead of downgrading from Machine-mode (M-mode) to Supervisor-mode (S-mode) as specified by the sstatus.SPP bit, the processor incorrectly remains in M-mode, leading to a critical privilege retention vulnerability.

Ссылки

https://github.com/107040503/RISC-V-Vulnerability-Disclosure_SRET
Exploit
Third Party Advisory
https://github.com/chipsalliance/rocket-chip.git
Product

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:chipsalliance:rocketchip:*:*:*:*:*:*:*:*

Версия до 1.6 (включая)

EPSS

Процентиль: 11%

0.00036

Низкий

6.5 Medium

CVSS3

Дефекты

CWE-266

Связанные уязвимости

GHSA-g435-j3hg-9vfh

CVSS3: 6.5

github

3 месяца назад

A vulnerability was discovered in RISC-V Rocket-Chip v1.6 and before implementation where the SRET (Supervisor-mode Exception Return) instruction fails to correctly transition the processor's privilege level. Instead of downgrading from Machine-mode (M-mode) to Supervisor-mode (S-mode) as specified by the sstatus.SPP bit, the processor incorrectly remains in M-mode, leading to a critical privilege retention vulnerability.

EPSS

Процентиль: 11%

0.00036

Низкий

6.5 Medium

CVSS3

Дефекты

CWE-266