漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
N/A
Vulnerability Description
In OpenXiangShan NEMU, when Smstateen is enabled, clearing mstateen0.ENVCFG does not correctly restrict access to henvcfg and senvcfg. As a result, less-privileged code may read or write these CSRs without the required exception, potentially bypassing intended state-enable based isolation controls in virtualized or multi-privilege environments.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
NEMU 安全漏洞
Vulnerability Description
NEMU是XiangShan开源的一个用于教学的全系统模拟器。 NEMU存在安全漏洞,该漏洞源于启用Smstateen时,清除mstateen0.ENVCFG未能正确限制对henvcfg和senvcfg的访问,可能导致低权限代码绕过基于状态使能的隔离控制。
CVSS Information
N/A
Vulnerability Type
N/A