CVEInsight.

Free vulnerability intelligence for developers, security teams, and researchers. Data sourced from public databases for informational purposes only.

Explore

Legal

CVE data sourced from NVD / NIST & public disclosures.

boom-core

risvc-boom

3 known vulnerabilities · sorted by CVSS score

CVE-2020-29561

MEDIUM5.5

An issue was discovered in SonicBOOM riscv-boom 3.0.0. For LR, it does not avoid acquiring a reservation in the case where a load translates successfully but still generates an exception.

boom-core / risvc-boom

Local

Published Dec 4, 2020

CVE-2022-26296

MEDIUM5.5

BOOM: The Berkeley Out-of-Order RISC-V Processor commit d77c2c3 was discovered to allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.

boom-core / risvc-boom

Local

Published Mar 28, 2022

CVE-2025-8774

LOW2.5

A vulnerability has been found in riscv-boom SonicBOOM up to 2.2.3 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component L1 Data Cache Handler. The manipulation leads to observable timing discrepancy. Local access is required to approach this attack. The complexity of an attack is rather high. The exploitation appears to be difficult. The vendor was contacted early about this disclosure but did not respond in any way.

boom-core / risvc-boom

Local

Published Aug 9, 2025