← Back

Boom Core

boom-core

5 CVEs • 3 products

Products (3)

Click to collapse
Toggle
Risvc Boom
risvc-boom
3 CVEs
Riscvc Boom
riscvc-boom
1 CVE
Boomv
boomv
1 CVE

CVEs (5)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2025-50897
1Boom Core
1Boomv
Oct 17, 2025
Aug 19, 2025
N/A· v4
4.3 MEDIUM· v3
N/A· v2
A vulnerability exists in riscv-boom SonicBOOM 1.2 (BOOMv1.2) processor implementation, where valid virtual-to-physical address translations configured with write permissions (PTE_W) in SV39 mode may incorrectly trigger...Show more
A vulnerability exists in riscv-boom SonicBOOM 1.2 (BOOMv1.2) processor implementation, where valid virtual-to-physical address translations configured with write permissions (PTE_W) in SV39 mode may incorrectly trigger a Store/AMO access fault during store instructions (sd). This occurs despite the presence of proper page table entries and valid memory access modes. The fault is reproducible when transitioning into virtual memory and attempting store operations in mapped kernel memory, indicating a potential flaw in the MMU, PMP, or memory access enforcement logic. This may cause unexpected kernel panics or denial of service in systems using BOOMv1.2.Show less
CVE-2025-8774
1Boom Core
1Risvc Boom
Apr 29, 2026
Aug 9, 2025
1.1 LOW· v4
4.7 MEDIUM· v3
1.0 LOW· v2
A vulnerability has been found in riscv-boom SonicBOOM up to 2.2.3 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component L1 Data Cache Handler. The manipulation leads...Show more
A vulnerability has been found in riscv-boom SonicBOOM up to 2.2.3 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component L1 Data Cache Handler. The manipulation leads to observable timing discrepancy. Local access is required to approach this attack. The complexity of an attack is rather high. The exploitation appears to be difficult. The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2022-34641
2Boom Core
Openhwgroup
2Cva6
Riscvc Boom
Nov 21, 2024
Jul 18, 2022
N/A· v4
5.5 MEDIUM· v3
N/A· v2
CVA6 commit d315ddd0f1be27c1b3f27eb0b8daf471a952299a and RISCV-Boom commit ad64c5419151e5e886daee7084d8399713b46b4b implements the incorrect exception type when a PMP violation occurs during address translation.
CVE-2022-26296
1Boom Core
1Risvc Boom
Nov 21, 2024
Mar 28, 2022
N/A· v4
5.5 MEDIUM· v3
2.1 LOW· v2
BOOM: The Berkeley Out-of-Order RISC-V Processor commit d77c2c3 was discovered to allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
CVE-2020-29561
1Boom Core
1Risvc Boom
Nov 21, 2024
Dec 4, 2020
N/A· v4
5.5 MEDIUM· v3
4.3 MEDIUM· v2
An issue was discovered in SonicBOOM riscv-boom 3.0.0. For LR, it does not avoid acquiring a reservation in the case where a load translates successfully but still generates an exception.