NEMU RISC-V Vector Instruction Validation Vulnerability
Vulnerability
A vulnerability exists in NEMU (OpenXiangShan/NEMU) versions prior to v2025.12.r2, where the RISC-V Vector decoder improperly validates the funct3 field for the vsetvli, vsetivli, and vsetvl instructions. This flaw allows certain invalid OP-V instruction encodings to be misinterpreted as valid vset* configuration instructions, instead of triggering an illegal-instruction exception. Exploitation involves using crafted RISC-V binaries, which can lead to incorrect trap behavior, corruption or divergence of architectural state, and potential denial-of-service in environments that depend on NEMU for accurate execution or sandboxing.
Impact
Exploitation of this vulnerability can cause incorrect trap handling, leading to exceptions not being raised as they should be. This can disrupt the normal execution flow, causing applications to behave unexpectedly or fail. Additionally, the vulnerability can corrupt or diverge the architectural state, which may lead to further errors or inconsistencies in program execution. In systems that rely on NEMU for sandboxing or accurate emulation, this vulnerability could be exploited to bypass security measures or execute unauthorized actions.
Reproduction
The vulnerability can be reproduced by using a RISC-V binary that includes an invalid OP-V instruction encoding, such as 'vredxor.vs', which is incorrectly decoded as 'vsetvl' due to the validation flaw. This can be done by crafting a binary that exploits the improper instruction validation in the NEMU RISC-V Vector decoder.
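The funct3 check the advisory describes, as an added C example that is not NEMU's own code: it classifies an OP-V word as vsetvli, vsetivli or vsetvl only when funct3 is 0b111 (the OPCFG group), per the RISC-V V specification, so a vredxor.vs word (funct3 = 0b010, OPMVV) is rejected rather than treated as a configuration instruction. The instruction words below are constructed by hand from the spec field layouts.

```c
#include <stdint.h>
#include <stdio.h>

/* Field extraction for a 32-bit RISC-V instruction word. */
#define OPCODE(i)  ((i) & 0x7f)
#define FUNCT3(i)  (((i) >> 12) & 0x7)

#define OPCODE_OP_V  0x57  /* major opcode OP-V, 0b1010111 */
#define FUNCT3_OPCFG 0x7   /* vsetvli/vsetivli/vsetvl all carry funct3 = 0b111 */

enum vset_kind { VSET_NONE = 0, VSETVLI, VSETIVLI, VSETVL };

/* Classify an OP-V word as one of the vset* configuration instructions, or
   VSET_NONE for anything else (other OP-V groups, or reserved OPCFG patterns,
   both of which must not be executed as a vset*). The funct3 comparison is
   the validation the advisory says the affected decoder lacked. */
enum vset_kind classify_vset(uint32_t insn) {
    if (OPCODE(insn) != OPCODE_OP_V) return VSET_NONE;
    if (FUNCT3(insn) != FUNCT3_OPCFG) return VSET_NONE;
    if ((insn >> 31) == 0)    return VSETVLI;  /* 0 | zimm[10:0] | rs1 | 111 | rd | OP-V */
    if ((insn >> 30) == 0x3)  return VSETIVLI; /* 11 | zimm[9:0] | uimm[4:0] | 111 | rd | OP-V */
    if ((insn >> 25) == 0x40) return VSETVL;   /* 1000000 | rs2 | rs1 | 111 | rd | OP-V */
    return VSET_NONE;  /* reserved encoding inside the OPCFG space */
}

/* Constructed sample words (hand-encoded from the spec field layouts). */
#define INSN_VSETVLI   0x0105F557u  /* vsetvli  a0, a1, e32,m1 */
#define INSN_VSETIVLI  0xC1047557u  /* vsetivli a0, 8,  e32,m1 */
#define INSN_VSETVL    0x80C5F557u  /* vsetvl   a0, a1, a2      */
/* vredxor.vs v1, v2, v3: funct6=000011 vm=1 vs2=2 vs1=3 funct3=010 (OPMVV) vd=1 */
#define INSN_VREDXOR   0x0E21A0D7u
/* bit31=1 with bits30:25=000001: reserved inside the OPCFG space */
#define INSN_RESERVED  0x82007057u

int main(void) {
    const struct { const char *name; uint32_t w; } samples[] = {
        {"vsetvli", INSN_VSETVLI}, {"vsetivli", INSN_VSETIVLI},
        {"vsetvl", INSN_VSETVL}, {"vredxor.vs", INSN_VREDXOR},
        {"reserved", INSN_RESERVED},
    };
    static const char *names[] = {"not vset*", "vsetvli", "vsetivli", "vsetvl"};
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%-10s 0x%08x -> %s\n", samples[i].name, samples[i].w,
               names[classify_vset(samples[i].w)]);
    return 0;
}
```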
Remediation
Users can update to NEMU version v2025.12.r2 or later, where this vulnerability has been fixed.