Every CVE whose affected-product data names Openhwgroup Cva6, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (10)
CVE-2022-34635 — CVSS 9.8 (critical): The mstatus.sd field in CVA6 commit d315ddd0f1be27c1b3f27eb0b8daf471a952299a does not update when the mstatus.fs field is set to Dirty.
CVE-2022-33023 — CVSS 7.5 (high): CVA6 commit 909d85a gives incorrect permission to use special multiplication units when the format of instructions is wrong.
CVE-2022-34637 — CVSS 5.5 (medium): CVA6 commit d315ddd0f1be27c1b3f27eb0b8daf471a952299a implements an incorrect exception type when an illegal virtual address is loaded.
CVE-2022-34639 — CVSS 5.5 (medium): CVA6 commit d315ddd0f1be27c1b3f27eb0b8daf471a952299a treats non-standard fence instructions as illegal which can affect the function of the…
CVE-2022-34640 — CVSS 5.5 (medium): The *tval of ecall/ebreak in CVA6 commit d315ddd0f1be27c1b3f27eb0b8daf471a952299a was discovered to be incorrect.
CVE-2022-34633 — CVSS 5.5 (medium): CVA6 commit d315ddd0f1be27c1b3f27eb0b8daf471a952299a executes crafted or incorrectly formatted sfence.vma instructions rather create an…
CVE-2022-34634 — CVSS 5.5 (medium): CVA6 commit d315ddd0f1be27c1b3f27eb0b8daf471a952299a executes crafted or incorrectly formatted det instructions rather create an exception.