โ† All reports

The OpenXiangShan NEMU has vulnerabilities in Smstateen permission enforcement that allow less-privileged code to access sensitive CSRs, potentially bypassing isolation controls.

Cybersecurity · Virtualization · Technology · Conflict · Apr 20, 2026 · score 0.17 · 2 posts · 0 replies across 1 instance
The thread discusses two vulnerabilities in the OpenXiangShan NEMU related to insufficient permission enforcement for Smstateen, which could allow less-privileged code to access sensitive CSRs and potentially bypass isolation controls. These issues highlight security risks in virtualization environments.

Claims

The OpenXiangShan NEMU has vulnerabilities in Smstateen permission enforcement that allow less-privileged code to access sensitive CSRs, potentially bypassing isolation controls.
Parent: Cybersecurity · Entity: OpenXiangShan NEMU · Impact: negative · Date: Apr 20, 2026 · Target: The effectiveness of Smstateen in enforcing access restrictions in OpenXiangShan NEMU

Source posts

@[email protected]
🚨 EUVD-2026-23960 📊 Score: n/a 📅 Updated: 2026-04-20 📝 In OpenXiangShan NEMU, insufficient Smstateen permission enforcement allows lower-privileged code to access IMSIC state via stopei/vstopei CSRs even when mstateen0.IMSIC is cleared, potentially enabling cross-context information leakage or disruption of interrupt handling. 🔗 https://euvd.enisa.europa.eu/vulnerability/EUVD-2026-23960 #cybersecurity #infosec #euvd #cve #vulnerability
1 boosts · 0 favs · 0 replies · Apr 20, 2026
@[email protected]
🚨 EUVD-2026-23962 📊 Score: n/a 📅 Updated: 2026-04-20 📝 In OpenXiangShan NEMU, when Smstateen is enabled, clearing mstateen0.ENVCFG does not correctly restrict access to henvcfg and senvcfg. As a result, less-privileged code may read or write these CSRs without the required exception, potentially bypassing intended state-enable based isolation controls in virtuali... 🔗 https://euvd.enisa.europa.eu/vulnerability/EUVD-2026-23962 #cybersecurity #infosec #euvd #cve #vulnerability
1 boosts · 0 favs · 0 replies · Apr 20, 2026