Security Advisory

CVE-2025-63384

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-11-10 00:00:00

Last updated 2025-11-12 20:39:11

Assigner mitre

State PUBLISHED

Description

A vulnerability was discovered in RISC-V Rocket-Chip v1.6 and before implementation where the SRET (Supervisor-mode Exception Return) instruction fails to correctly transition the processors privilege level. Instead of downgrading from Machine-mode (M-mode) to Supervisor-mode (S-mode) as specified by the sstatus.SPP bit, the processor incorrectly remains in M-mode, leading to a critical privilege retention vulnerability.

← Browse all CVEs View on cve.org ↗