CVE-2026-29643
Improper Exception Handling in XiangShan CSR Causes DoS
Publication date: 2026-04-20
Last updated on: 2026-04-21
Assigner: MITRE
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| xiangshan | xiangshan | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-703 | The product does not properly anticipate or handle exceptional conditions that rarely occur during normal operation of the product. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the XiangShan open-source high-performance RISC-V processor, specifically in its CSR (Control and Status Register) subsystem called NewCSR. Certain sequences of CSR operations that target non-existent or custom CSR addresses may cause an illegal-instruction exception. However, the processor fails to reliably transfer control to the configured trap handler (mtvec) when this happens. This improper handling can disrupt the control flow and potentially leave the processor core in a hung or unrecoverable state.
An attacker who can execute code locally on the processor can exploit this flaw to cause a denial of service or potentially create an inconsistent architectural state.
How can this vulnerability impact me? :
The vulnerability can be exploited by a local attacker to cause a denial of service on the affected processor. This means the processor core could become hung or enter an unrecoverable state, disrupting normal operation.
Additionally, it may lead to an inconsistent architectural state, which could affect the reliability and correctness of the processor's operations.