CVE-2025-50897

4.3 MEDIUM

📋 TL;DR

A vulnerability in the RISC-V BOOMv1.2 processor implementation causes valid memory store operations to incorrectly trigger access faults, potentially leading to kernel panics or denial of service. This affects systems using the SonicBOOM 1.2 processor implementation in SV39 virtual memory mode. The issue stems from flawed memory management unit logic during address translation.

💻 Affected Systems

Products:
  • riscv-boom SonicBOOM processor implementation
Versions: BOOMv1.2
Operating Systems: Any OS running on affected BOOMv1.2 hardware
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects systems running in SV39 virtual memory mode. The faulting operations are stores to mapped kernel memory whose page-table entries grant write permission, i.e. accesses that should succeed.

📦 What is this software?

BOOM (Berkeley Out-of-Order Machine) is an open-source, synthesizable out-of-order RISC-V core written in Chisel and developed at UC Berkeley; the riscv-boom repository holds its RTL generator, and it is normally built and simulated through the Chipyard SoC framework. The issue described here is in the core's memory management unit during address translation.

⚠️ Risk & Real-World Impact

🔴

Worst Case

Persistent denial of service through repeated kernel panics, potentially requiring physical intervention to restore system functionality.

🟠

Likely Case

Intermittent system crashes or instability during memory-intensive operations, leading to service disruption.

🟢

If Mitigated

Occasional recoverable faults and a small performance cost, provided fault-recovery and monitoring mechanisms are in place.

🌐 Internet-Facing: LOW - This is a hardware/processor-level vulnerability requiring local access to trigger.
🏢 Internal Only: MEDIUM - Could be exploited by malicious insiders or through compromised local accounts to cause system instability.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

A proof of concept on GitHub demonstrates the fault. Triggering it requires an understanding of RISC-V memory management and a store to kernel memory in SV39 mode; that store executes in kernel context, so an attacker with only a local account would have to drive the kernel into issuing the affected stores rather than issue them directly.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Not stated; check the riscv-boom repository for a commit or release that addresses this issue

Vendor Repository: https://github.com/riscv-boom/riscv-boom

Restart Required: Yes (the fix is to the processor RTL, so applying it means regenerating and reprogramming the FPGA bitstream or respinning silicon, which takes the system down)

Instructions:

1. Monitor the riscv-boom GitHub repository for a fix.
2. Update the processor implementation to the patched version.
3. Regenerate the RTL, re-synthesize, and redeploy the affected systems.
4. Verify the fix by repeating the SV39 store test described under How to Verify and confirming that no unexplained Store/AMO access faults remain.

🔧 Temporary Workarounds

Minimize SV39 kernel-memory stores (applies to: all)

Restructure software to reduce store operations to kernel memory regions when running in SV39 mode. A kernel cannot avoid storing to its own memory, so this at best narrows the exposure; it does not remove it.

Implement fault recovery mechanisms (applies to: all)

Add a Store/AMO access fault handler that, instead of panicking, checks whether the page tables actually grant write permission for the faulting address (stval) and, if they do, returns to sepc so the store is re-executed. Whether a retry succeeds depends on whether the fault is deterministic for that access on BOOMv1.2, which is not established here; bound the number of retries and fall back to the normal oops path so a persistent fault cannot livelock the hart. Faults for which the page-table walk shows no writable mapping are genuine and must remain fatal.
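The following is an added example, not code from riscv-boom, the public PoC, or any kernel: a C model of the decision such a handler would make before retrying. It checks the exception code, requires stval to be a canonical Sv39 kernel-half address, walks the Sv39 page tables in software, and classifies the fault as spurious only when the leaf PTE grants W. The page tables, the physical addresses 0x0000/0x1000/0x2000, the PPNs 0x80200/0x80201 and EXAMPLE_KVA are constructed for the example; the pte_reader callback stands in for the direct-map loads a kernel would perform.

```c
/* Added example: triage for a Store/AMO access fault handler. Not code from riscv-boom,
 * the CVE PoC, or any kernel. Page tables and addresses below are constructed. */
#include <stdint.h>
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

#define EXC_STORE_ACCESS_FAULT 7ULL   /* Store/AMO access fault: the code this issue raises */
#define EXC_STORE_PAGE_FAULT   15ULL  /* Store/AMO page fault: a different exception */

/* Sv39 PTE bits and layout (RISC-V privileged spec) */
#define PTE_V (1ULL << 0)
#define PTE_R (1ULL << 1)
#define PTE_W (1ULL << 2)
#define PTE_X (1ULL << 3)
#define PTE_A (1ULL << 6)
#define PTE_D (1ULL << 7)
#define PTE_PPN_SHIFT 10
#define PTE_PPN(pte)  (((pte) >> PTE_PPN_SHIFT) & ((1ULL << 44) - 1))
#define PAGE_SHIFT    12
#define SV39_LEVELS   3

enum triage {
    TRIAGE_NOT_STORE_ACCESS_FAULT, /* other trap: leave it to the normal handler */
    TRIAGE_NOT_KERNEL_VA,          /* user-half or non-canonical stval: not this issue */
    TRIAGE_GENUINE,                /* page tables do not grant W: real fault, oops */
    TRIAGE_SPURIOUS_RETRY          /* page tables grant W: fault contradicts them */
};

/* Page-table memory reader. In a kernel this is a load via the direct map; here it reads
 * a constructed host array (see build_example_tables). */
typedef uint64_t (*pte_reader)(uint64_t pa, void *ctx);

/* Sv39 VAs are sign-extended from bit 38; the kernel half has bits 63..38 all set. */
static bool sv39_kernel_va(uint64_t va) { return (va >> 38) == 0x3FFFFFFULL; }

/* Software Sv39 walk from the root table at root_pa. Returns the leaf PTE, or 0 if the
 * translation is invalid under the spec's rules. */
uint64_t sv39_walk(uint64_t root_pa, uint64_t va, pte_reader rd, void *ctx) {
    uint64_t table_pa = root_pa;
    for (int level = SV39_LEVELS - 1; level >= 0; level--) {
        uint64_t vpn = (va >> (PAGE_SHIFT + 9 * level)) & 0x1FF;
        uint64_t pte = rd(table_pa + vpn * sizeof(uint64_t), ctx);
        if (!(pte & PTE_V)) return 0;
        if ((pte & PTE_W) && !(pte & PTE_R)) return 0;     /* W without R is reserved */
        if (pte & (PTE_R | PTE_W | PTE_X)) {               /* leaf */
            if (level > 0 && (PTE_PPN(pte) & ((1ULL << (9 * level)) - 1)) != 0)
                return 0;                                  /* misaligned superpage */
            return pte;
        }
        table_pa = PTE_PPN(pte) << PAGE_SHIFT;             /* pointer to next-level table */
    }
    return 0;                                              /* non-leaf PTE at level 0 */
}

/* Decide how a trap should be handled from scause, stval and the active root table.
 * Interrupts have bit 63 set in scause, so they never compare equal to 7. */
enum triage triage_store_fault(uint64_t scause, uint64_t stval, uint64_t root_pa,
                               pte_reader rd, void *ctx) {
    if (scause != EXC_STORE_ACCESS_FAULT) return TRIAGE_NOT_STORE_ACCESS_FAULT;
    if (!sv39_kernel_va(stval))           return TRIAGE_NOT_KERNEL_VA;
    uint64_t pte = sv39_walk(root_pa, stval, rd, ctx);
    return (pte & PTE_W) ? TRIAGE_SPURIOUS_RETRY : TRIAGE_GENUINE;
}

/* Bound retries (caller keys the counter by sepc) so a deterministic fault cannot livelock. */
bool should_retry(enum triage t, unsigned *retries, unsigned max_retries) {
    if (t != TRIAGE_SPURIOUS_RETRY || *retries >= max_retries) return false;
    (*retries)++;
    return true;
}

/* Constructed page tables: three 4 KiB tables at physical 0x0000 (root), 0x1000, 0x2000. */
static uint64_t g_ptmem[3 * 512];
static uint64_t read_ptmem(uint64_t pa, void *ctx) { (void)ctx; return g_ptmem[pa / 8]; }

#define EXAMPLE_KVA 0xFFFFFFC000000000ULL   /* assumed test address: first kernel-half page */

void build_example_tables(void) {
    uint64_t vpn2 = (EXAMPLE_KVA >> 30) & 0x1FF, vpn1 = (EXAMPLE_KVA >> 21) & 0x1FF,
             vpn0 = (EXAMPLE_KVA >> 12) & 0x1FF;
    memset(g_ptmem, 0, sizeof g_ptmem);
    g_ptmem[0 * 512 + vpn2] = (1ULL << PTE_PPN_SHIFT) | PTE_V;          /* -> table at 0x1000 */
    g_ptmem[1 * 512 + vpn1] = (2ULL << PTE_PPN_SHIFT) | PTE_V;          /* -> table at 0x2000 */
    g_ptmem[2 * 512 + vpn0]     = (0x80200ULL << PTE_PPN_SHIFT) | PTE_V | PTE_R | PTE_W | PTE_A | PTE_D;
    g_ptmem[2 * 512 + vpn0 + 1] = (0x80201ULL << PTE_PPN_SHIFT) | PTE_V | PTE_R | PTE_A | PTE_D; /* RO */
}

int main(void) {
    static const char *name[] = { "not a store access fault", "not a kernel VA", "genuine", "spurious: retry" };
    uint64_t cases[][2] = {
        { EXC_STORE_ACCESS_FAULT, EXAMPLE_KVA },           /* writable mapping */
        { EXC_STORE_ACCESS_FAULT, EXAMPLE_KVA + 0x1000 },  /* read-only mapping */
        { EXC_STORE_ACCESS_FAULT, EXAMPLE_KVA + 0x2000 },  /* unmapped */
        { EXC_STORE_PAGE_FAULT,   EXAMPLE_KVA },           /* different exception code */
        { EXC_STORE_ACCESS_FAULT, 0x10000 },               /* user-half address */
    };
    build_example_tables();
    for (size_t i = 0; i < sizeof cases / sizeof cases[0]; i++)
        printf("scause=%2llu stval=%#018llx -> %s\n", (unsigned long long)cases[i][0],
               (unsigned long long)cases[i][1],
               name[triage_store_fault(cases[i][0], cases[i][1], 0, read_ptmem, NULL)]);
    return 0;
}
```

In a kernel the handler would return to sepc without advancing it so the faulting store is re-executed, key the retry counter by sepc, and fall through to the normal oops path once the budget is exhausted. Whether a retry ever succeeds on BOOMv1.2 depends on whether the fault is deterministic for a given access, which this advisory does not establish; measure that on the target hardware before relying on recovery.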

🧯 If You Can't Patch

  • Isolate affected systems from critical production workloads
  • Implement comprehensive monitoring for access fault patterns and system instability

🔍 How to Verify

Check if Vulnerable:

On the target hardware, run a test that performs stores to kernel-memory addresses mapped with write permission in SV39 mode and watch the trap path for Store/AMO access faults (scause 7) that the page tables do not justify.

Check Version:

Identify the riscv-boom version (release tag or commit) from which the deployed RTL or FPGA bitstream was generated, using system documentation, build configuration, or the build's provenance records.

Verify Fix Applied:

After patching, repeat the same store operations and verify no incorrect access faults occur

📡 Detection & Monitoring

Log Indicators:

  • Store/AMO access faults (exception code 7 in scause) on kernel-half addresses; on Linux these surface as 'Oops - store (or AMO) access fault' followed by a register dump whose 'cause:' field is 0000000000000007 and whose 'badaddr:' is at or above 0xffffffc000000000
  • An unexplained rise in kernel exception counts; note that Store/AMO page faults (exception code 15) are a distinct exception and not by themselves this issue's signature
  • Kernel panic or oops messages related to memory access

Network Indicators:

  • None - this is a local processor vulnerability

SIEM Query:

Search kernel logs from BOOMv1.2 systems for 'store (or AMO) access fault', or for register dumps with 'cause: 0000000000000007' and a 'badaddr:' value of 0xffffffc000000000 or higher. Broader matches on 'access fault', 'page fault', or 'kernel panic' will catch the crashes but also many unrelated faults.
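An added detection example, not from the page's sources or the riscv-boom project, that implements this query over a log buffer in C: it parses the 'badaddr:' and 'cause:' fields of each register-dump line and flags records whose cause is exception 7 with a kernel-half address, which is this advisory's signature. The sample log is constructed, modelled on the field names Linux prints in its RISC-V oops and unhandled-signal register dumps; the addresses and timestamps are made up.

```c
/* Added detection example (not from the advisory's sources or riscv-boom): flag kernel-log
 * records whose trap cause is exception 7 (Store/AMO access fault) with an Sv39 kernel-half
 * faulting address. The sample log is constructed. */
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define EXC_STORE_ACCESS_FAULT 7ULL

struct fault_hit { uint64_t badaddr, cause; };

/* Sv39 kernel half: bits 63..38 all set (the address is sign-extended from bit 38). */
static int sv39_kernel_half(uint64_t va) { return (va >> 38) == 0x3FFFFFFULL; }

/* Extract "badaddr: <hex>" and "cause: <hex>" from one register-dump line. Returns 1 if both present. */
static int parse_regs_line(const char *line, uint64_t *badaddr, uint64_t *cause) {
    const char *b = strstr(line, "badaddr:"), *c = strstr(line, "cause:");
    if (!b || !c) return 0;
    *badaddr = strtoull(b + strlen("badaddr:"), NULL, 16);   /* strtoull skips the blank */
    *cause   = strtoull(c + strlen("cause:"), NULL, 16);
    return 1;
}

/* Scan a NUL-terminated log line by line. A record matches when cause == 7 (interrupts carry
 * bit 63 and never match) and badaddr is in the kernel half. Returns the match count and
 * stores up to max_hits of them in hits[]. */
size_t scan_spurious_store_faults(const char *log, struct fault_hit *hits, size_t max_hits) {
    size_t n = 0;
    char line[512];
    const char *p = log;
    while (*p) {
        const char *nl = strchr(p, '\n');
        size_t len = nl ? (size_t)(nl - p) : strlen(p);
        if (len >= sizeof line) len = sizeof line - 1;     /* truncate over-long lines */
        memcpy(line, p, len);
        line[len] = '\0';
        uint64_t badaddr, cause;
        if (parse_regs_line(line, &badaddr, &cause) &&
            cause == EXC_STORE_ACCESS_FAULT && sv39_kernel_half(badaddr)) {
            if (n < max_hits) { hits[n].badaddr = badaddr; hits[n].cause = cause; }
            n++;
        }
        p = nl ? nl + 1 : p + len;
    }
    return n;
}

/* Constructed sample: one kernel Store/AMO access fault (the signature), one user-space
 * access fault (cause 7 but user-half address), one kernel page fault (cause 0xf). */
const char *SAMPLE_LOG =
    "[  812.114001] Oops - store (or AMO) access fault [#1]\n"
    "[  812.114120] epc : ffffffff80203a1c ra : ffffffff80203a00 sp : ffffffc80021bd60\n"
    "[  812.114301] status: 0000000200000120 badaddr: ffffffc80011a040 cause: 0000000000000007\n"
    "[  813.020000] test[1234]: unhandled signal 11 code 0x2 at 0x0000003fa1c02000\n"
    "[  813.020100] status: 0000000200004020 badaddr: 0000003fa1c02000 cause: 0000000000000007\n"
    "[  814.500000] Unable to handle kernel paging request at virtual address ffffffc800400000\n"
    "[  814.500200] status: 0000000200000120 badaddr: ffffffc800400000 cause: 000000000000000f\n";

int main(void) {
    struct fault_hit hits[8];
    size_t n = scan_spurious_store_faults(SAMPLE_LOG, hits, 8);
    printf("%zu record(s) matching the CVE-2025-50897 signature\n", n);
    for (size_t i = 0; i < n && i < 8; i++)
        printf("  badaddr=%#018llx cause=%llu\n",
               (unsigned long long)hits[i].badaddr, (unsigned long long)hits[i].cause);
    return 0;
}
```

The user-space record (cause 7, user-half badaddr) and the kernel page fault (cause 0xf) are included as deliberate negatives; a query that matched only on 'access fault' would count the first of them.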
