
    6 vulnerabilities found for risc0 by risc0

    CVE-2025-61588 (GCVE-0-2025-61588)

    Vulnerability from nvd – Published: 2025-10-01 23:30 – Updated: 2025-10-02 18:01
    VLAI
    Title
    risc0 vulnerable to arbitrary code execution in guest via memory safety failure in `sys_read`
    Summary
    RISC Zero is a zero-knowledge verifiable general computing platform based on zk-STARKs and the RISC-V microarchitecture. In versions 2.0.2 and below of risc0-zkvm-platform, when the zkVM guest calls sys_read, the host is able to use a crafted response to write to an arbitrary memory location in the guest. This capability can be leveraged to execute arbitrary code within the guest. As sys_read is the mechanism by which input is requested by the guest, all guest programs built with the affected versions are vulnerable. This critically compromises the soundness guarantees of the guest program. Other affected packages include risc0-aggregation versions below 0.9, risc0-zkos-v1compat below 2.1.0, risc0-zkvm versions between 3.0.0-rc.1 and 3.0.1. This issue has been fixed in the following versions: risc0-zkvm-platform 2.1.0, risc0-zkos-v1compat 2.1.0, risc0-aggregation 0.9, and risc0-zkvm 2.3.2 and 3.0.3.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-94 - Improper Control of Generation of Code ('Code Injection')
    Assigner
    Impacted products
    Vendor Product Version
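    risc0 risc0 Affected: < 2.1.0 (a single range for the combined risc0 product entry; the Summary lists different affected and fixed versions per crate, e.g. risc0-zkvm is fixed in 2.3.2 and 3.0.3, so check each crate against the Summary rather than this range)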

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-61588",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-10-02T18:00:36.554327Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-10-02T18:01:05.528Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "risc0",
              "vendor": "risc0",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 2.1.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "RISC Zero is a zero-knowledge verifiable general computing platform based on zk-STARKs and the RISC-V microarchitecture. In versions 2.0.2 and below of risc0-zkvm-platform, when the zkVM guest calls sys_read, the host is able to use a crafted response to write to an arbitrary memory location in the guest. This capability can be leveraged to execute arbitrary code within the guest. As sys_read is the mechanism by which input is requested by the guest, all guest programs built with the affected versions are vulnerable. This critically compromises the soundness guarantees of the guest program. Other affected packages include risc0-aggregation versions below 0.9,  risc0-zkos-v1compat below 2.1.0, risc0-zkvm versions between 3.0.0-rc.1 and 3.0.1. This issue has been fixed in the following versions: risc0-zkvm-platform 2.1.0, risc0-zkos-v1compat 2.1.0, risc0-aggregation 0.9, and risc0-zkvm 2.3.2 and 3.0.3."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 9.3,
                "baseSeverity": "CRITICAL",
                "privilegesRequired": "NONE",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-94",
                  "description": "CWE-94: Improper Control of Generation of Code (\u0027Code Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-10-01T23:30:26.257Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/risc0/risc0/security/advisories/GHSA-jqq4-c7wq-36h7",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/risc0/risc0/security/advisories/GHSA-jqq4-c7wq-36h7"
            },
            {
              "name": "https://github.com/risc0/risc0/pull/3351",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/risc0/risc0/pull/3351"
            },
            {
              "name": "https://github.com/risc0/risc0/commit/3f00e1fa0159599c1601e788021f2169d1f0a4dc",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/risc0/risc0/commit/3f00e1fa0159599c1601e788021f2169d1f0a4dc"
            }
          ],
          "source": {
            "advisory": "GHSA-jqq4-c7wq-36h7",
            "discovery": "UNKNOWN"
          },
          "title": "risc0 vulnerable to arbitrary code execution in guest via memory safety failure in `sys_read`"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2025-61588",
        "datePublished": "2025-10-01T23:30:26.257Z",
        "dateReserved": "2025-09-26T16:25:25.150Z",
        "dateUpdated": "2025-10-02T18:01:05.528Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-54873 (GCVE-0-2025-54873)

    Vulnerability from nvd – Published: 2025-08-05 23:35 – Updated: 2025-08-06 13:53
    VLAI
    Title
    RISC Zero Underconstrained Vulnerability: Division
    Summary
    RISC Zero is a zero-knowledge verifiable general computing platform based on zk-STARKs and the RISC-V microarchitecture. The RISC Zero packages risc0-zkvm (versions 2.0.0 through 2.1.0) and risc0-circuit-rv32im and risc0-circuit-rv32im-sys (versions 2.0.0 through 2.0.4) contain vulnerabilities where signed integer division allows multiple outputs for certain inputs with only one being valid, and division by zero results are underconstrained. This issue is fixed in risc0-zkvm version 2.2.0, and in version 3.0.0 of the risc0-circuit-rv32im and risc0-circuit-rv32im-sys packages.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
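    risc0 risc0 Affected: >= 2.0.0, < 2.2.0 (a single range for the combined risc0 product entry; per the Summary, risc0-circuit-rv32im and risc0-circuit-rv32im-sys are fixed only in 3.0.0, so check each crate against the Summary rather than this range)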

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-54873",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-08-06T13:53:39.311739Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-08-06T13:53:46.107Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "risc0",
              "vendor": "risc0",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 2.0.0, \u003c 2.2.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "RISC Zero is a zero-knowledge verifiable general computing platform based on zk-STARKs and the RISC-V microarchitecture. RISC packages risc0-zkvm versions 2.0.0 through 2.1.0 and risc0-circuit-rv32im and risc0-circuit-rv32im-sys versions 2.0.0 through 2.0.4 contain vulnerabilities where signed integer division allows multiple outputs for certain inputs with only one being valid, and division by zero results are underconstrained. This issue is fixed in risc0-zkvm version 2.2.0 and version 3.0.0 for the  risc0-circuit-rv32im and risc0-circuit-rv32im-sys packages."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 2.7,
                "baseSeverity": "LOW",
                "privilegesRequired": "NONE",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:U",
                "version": "4.0",
                "vulnAvailabilityImpact": "LOW",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "LOW"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-369",
                  "description": "CWE-369: Divide By Zero",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-08-05T23:35:09.208Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/risc0/risc0/security/advisories/GHSA-f6rc-24x4-ppxp",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/risc0/risc0/security/advisories/GHSA-f6rc-24x4-ppxp"
            },
            {
              "name": "https://github.com/risc0/risc0/pull/3235",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/risc0/risc0/pull/3235"
            },
            {
              "name": "https://github.com/risc0/zirgen/pull/249",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/risc0/zirgen/pull/249"
            }
          ],
          "source": {
            "advisory": "GHSA-f6rc-24x4-ppxp",
            "discovery": "UNKNOWN"
          },
          "title": "RISC Zero Underconstrained Vulnerability: Division"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2025-54873",
        "datePublished": "2025-08-05T23:35:09.208Z",
        "dateReserved": "2025-07-31T17:23:33.473Z",
        "dateUpdated": "2025-08-06T13:53:46.107Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-52484 (GCVE-0-2025-52484)

    Vulnerability from nvd – Published: 2025-06-20 17:21 – Updated: 2025-06-23 15:28
    VLAI
    Title
    RISC Zero zkVM Underconstrained Vulnerability
    Summary
    RISC Zero is a general computing platform based on zk-STARKs and the RISC-V microarchitecture. Due to a missing constraint in the rv32im circuit, any 3-register RISC-V instruction (including remu and divu) in risc0-zkvm 2.0.0, 2.0.1, and 2.0.2 is vulnerable to an attack by a malicious prover. The main idea for the attack is to confuse the RISC-V virtual machine into treating the value of the rs1 register as the same as the rs2 register due to a lack of constraints in the rv32im circuit. Rust applications using the risc0-zkvm crate at versions 2.0.0, 2.0.1, and 2.0.2 should upgrade to version 2.1.0. Smart contract applications using the official RISC Zero Verifier Router do not need to take any action: zkVM version 2.1 is active on all official routers, and version 2.0 has been disabled. Smart contract applications not using the verifier router should update their contracts to send verification calls to the 2.1 version of the verifier.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-345 - Insufficient Verification of Data Authenticity
    Assigner
    Impacted products
    Vendor Product Version
    risc0 risc0 Affected: >= 2.0.0, < 2.1.0

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-52484",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-06-23T15:28:36.306490Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-06-23T15:28:43.485Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "risc0",
              "vendor": "risc0",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 2.0.0, \u003c 2.1.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "RISC Zero is a general computing platform based on zk-STARKs and the RISC-V microarchitecture. Due to a missing constraint in the rv32im circuit, any 3-register RISC-V instruction (including remu and divu) in risc0-zkvm 2.0.0, 2.0.1, and 2.0.2 are vulnerable to an attack by a malicious prover. The main idea for the attack is to confuse the RISC-V virtual machine into treating the value of the rs1 register as the same as the rs2 register due to a lack of constraints in the rv32im circuit. Rust applications using the risc0-zkvm crate at versions 2.0.0, 2.0.1, and 2.0.2 should upgrade to version 2.1.0. Smart contract applications using the official RISC Zero Verifier Router do not need to take any action: zkVM version 2.1 is active on all official routers, and version 2.0 has been disabled. Smart contract applications not using the verifier router should update their contracts to send verification calls to the 2.1 version of the verifier."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 2.7,
                "baseSeverity": "LOW",
                "privilegesRequired": "NONE",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "LOW"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-345",
                  "description": "CWE-345: Insufficient Verification of Data Authenticity",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-06-20T17:21:28.392Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/risc0/risc0/security/advisories/GHSA-g3qg-6746-3mg9",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/risc0/risc0/security/advisories/GHSA-g3qg-6746-3mg9"
            },
            {
              "name": "https://github.com/risc0/risc0/pull/3181",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/risc0/risc0/pull/3181"
            },
            {
              "name": "https://github.com/risc0/zirgen/pull/238",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/risc0/zirgen/pull/238"
            },
            {
              "name": "https://github.com/risc0/risc0/commit/006d86c363b16d2b2ac42d32d832a209ff8ab4c9",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/risc0/risc0/commit/006d86c363b16d2b2ac42d32d832a209ff8ab4c9"
            },
            {
              "name": "https://github.com/risc0/risc0/commit/1873bbb8a56793edd1f6195242d184cf6cc5175d",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/risc0/risc0/commit/1873bbb8a56793edd1f6195242d184cf6cc5175d"
            },
            {
              "name": "https://github.com/risc0/risc0/commit/67f2d81c638bff5f4fcfe11a084ebb34799b7a89",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/risc0/risc0/commit/67f2d81c638bff5f4fcfe11a084ebb34799b7a89"
            },
            {
              "name": "https://github.com/risc0/zirgen/commit/e0e2918302c93e956f73ca2e44aef2b861d8c3ae",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/risc0/zirgen/commit/e0e2918302c93e956f73ca2e44aef2b861d8c3ae"
            }
          ],
          "source": {
            "advisory": "GHSA-g3qg-6746-3mg9",
            "discovery": "UNKNOWN"
          },
          "title": "RISC Zero zkVM Underconstrained Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2025-52484",
        "datePublished": "2025-06-20T17:21:28.392Z",
        "dateReserved": "2025-06-17T02:28:39.718Z",
        "dateUpdated": "2025-06-23T15:28:43.485Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-61588 (GCVE-0-2025-61588)

    Vulnerability from cvelistv5 – Published: 2025-10-01 23:30 – Updated: 2025-10-02 18:01
    VLAI
    Title
    risc0 vulnerable to arbitrary code execution in guest via memory safety failure in `sys_read`
    Summary
    RISC Zero is a zero-knowledge verifiable general computing platform based on zk-STARKs and the RISC-V microarchitecture. In versions 2.0.2 and below of risc0-zkvm-platform, when the zkVM guest calls sys_read, the host is able to use a crafted response to write to an arbitrary memory location in the guest. This capability can be leveraged to execute arbitrary code within the guest. As sys_read is the mechanism by which input is requested by the guest, all guest programs built with the affected versions are vulnerable. This critically compromises the soundness guarantees of the guest program. Other affected packages include risc0-aggregation versions below 0.9, risc0-zkos-v1compat below 2.1.0, risc0-zkvm versions between 3.0.0-rc.1 and 3.0.1. This issue has been fixed in the following versions: risc0-zkvm-platform 2.1.0, risc0-zkos-v1compat 2.1.0, risc0-aggregation 0.9, and risc0-zkvm 2.3.2 and 3.0.3.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-94 - Improper Control of Generation of Code ('Code Injection')
    Assigner
    Impacted products
    Vendor Product Version
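    risc0 risc0 Affected: < 2.1.0 (a single range for the combined risc0 product entry; the Summary lists different affected and fixed versions per crate, e.g. risc0-zkvm is fixed in 2.3.2 and 3.0.3, so check each crate against the Summary rather than this range)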

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-61588",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-10-02T18:00:36.554327Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-10-02T18:01:05.528Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "risc0",
              "vendor": "risc0",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 2.1.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "RISC Zero is a zero-knowledge verifiable general computing platform based on zk-STARKs and the RISC-V microarchitecture. In versions 2.0.2 and below of risc0-zkvm-platform, when the zkVM guest calls sys_read, the host is able to use a crafted response to write to an arbitrary memory location in the guest. This capability can be leveraged to execute arbitrary code within the guest. As sys_read is the mechanism by which input is requested by the guest, all guest programs built with the affected versions are vulnerable. This critically compromises the soundness guarantees of the guest program. Other affected packages include risc0-aggregation versions below 0.9,  risc0-zkos-v1compat below 2.1.0, risc0-zkvm versions between 3.0.0-rc.1 and 3.0.1. This issue has been fixed in the following versions: risc0-zkvm-platform 2.1.0, risc0-zkos-v1compat 2.1.0, risc0-aggregation 0.9, and risc0-zkvm 2.3.2 and 3.0.3."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 9.3,
                "baseSeverity": "CRITICAL",
                "privilegesRequired": "NONE",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-94",
                  "description": "CWE-94: Improper Control of Generation of Code (\u0027Code Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-10-01T23:30:26.257Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/risc0/risc0/security/advisories/GHSA-jqq4-c7wq-36h7",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/risc0/risc0/security/advisories/GHSA-jqq4-c7wq-36h7"
            },
            {
              "name": "https://github.com/risc0/risc0/pull/3351",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/risc0/risc0/pull/3351"
            },
            {
              "name": "https://github.com/risc0/risc0/commit/3f00e1fa0159599c1601e788021f2169d1f0a4dc",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/risc0/risc0/commit/3f00e1fa0159599c1601e788021f2169d1f0a4dc"
            }
          ],
          "source": {
            "advisory": "GHSA-jqq4-c7wq-36h7",
            "discovery": "UNKNOWN"
          },
          "title": "risc0 vulnerable to arbitrary code execution in guest via memory safety failure in `sys_read`"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2025-61588",
        "datePublished": "2025-10-01T23:30:26.257Z",
        "dateReserved": "2025-09-26T16:25:25.150Z",
        "dateUpdated": "2025-10-02T18:01:05.528Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-54873 (GCVE-0-2025-54873)

    Vulnerability from cvelistv5 – Published: 2025-08-05 23:35 – Updated: 2025-08-06 13:53
    VLAI
    Title
    RISC Zero Underconstrained Vulnerability: Division
    Summary
    RISC Zero is a zero-knowledge verifiable general computing platform based on zk-STARKs and the RISC-V microarchitecture. The RISC Zero packages risc0-zkvm (versions 2.0.0 through 2.1.0) and risc0-circuit-rv32im and risc0-circuit-rv32im-sys (versions 2.0.0 through 2.0.4) contain vulnerabilities where signed integer division allows multiple outputs for certain inputs with only one being valid, and division by zero results are underconstrained. This issue is fixed in risc0-zkvm version 2.2.0, and in version 3.0.0 of the risc0-circuit-rv32im and risc0-circuit-rv32im-sys packages.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
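    risc0 risc0 Affected: >= 2.0.0, < 2.2.0 (a single range for the combined risc0 product entry; per the Summary, risc0-circuit-rv32im and risc0-circuit-rv32im-sys are fixed only in 3.0.0, so check each crate against the Summary rather than this range)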

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-54873",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-08-06T13:53:39.311739Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-08-06T13:53:46.107Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "risc0",
              "vendor": "risc0",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 2.0.0, \u003c 2.2.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "RISC Zero is a zero-knowledge verifiable general computing platform based on zk-STARKs and the RISC-V microarchitecture. RISC packages risc0-zkvm versions 2.0.0 through 2.1.0 and risc0-circuit-rv32im and risc0-circuit-rv32im-sys versions 2.0.0 through 2.0.4 contain vulnerabilities where signed integer division allows multiple outputs for certain inputs with only one being valid, and division by zero results are underconstrained. This issue is fixed in risc0-zkvm version 2.2.0 and version 3.0.0 for the  risc0-circuit-rv32im and risc0-circuit-rv32im-sys packages."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 2.7,
                "baseSeverity": "LOW",
                "privilegesRequired": "NONE",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:U",
                "version": "4.0",
                "vulnAvailabilityImpact": "LOW",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "LOW"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-369",
                  "description": "CWE-369: Divide By Zero",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-08-05T23:35:09.208Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/risc0/risc0/security/advisories/GHSA-f6rc-24x4-ppxp",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/risc0/risc0/security/advisories/GHSA-f6rc-24x4-ppxp"
            },
            {
              "name": "https://github.com/risc0/risc0/pull/3235",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/risc0/risc0/pull/3235"
            },
            {
              "name": "https://github.com/risc0/zirgen/pull/249",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/risc0/zirgen/pull/249"
            }
          ],
          "source": {
            "advisory": "GHSA-f6rc-24x4-ppxp",
            "discovery": "UNKNOWN"
          },
          "title": "RISC Zero Underconstrained Vulnerability: Division"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2025-54873",
        "datePublished": "2025-08-05T23:35:09.208Z",
        "dateReserved": "2025-07-31T17:23:33.473Z",
        "dateUpdated": "2025-08-06T13:53:46.107Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-52484 (GCVE-0-2025-52484)

    Vulnerability from cvelistv5 – Published: 2025-06-20 17:21 – Updated: 2025-06-23 15:28
    Title
    RISC Zero zkVM Underconstrained Vulnerability
    Summary
    RISC Zero is a general computing platform based on zk-STARKs and the RISC-V microarchitecture. Due to a missing constraint in the rv32im circuit, any 3-register RISC-V instruction (including remu and divu) in risc0-zkvm 2.0.0, 2.0.1, and 2.0.2 is vulnerable to an attack by a malicious prover. The main idea of the attack is to confuse the RISC-V virtual machine into treating the value of the rs1 register as the same as the rs2 register, owing to a lack of constraints in the rv32im circuit. Rust applications using the risc0-zkvm crate at versions 2.0.0, 2.0.1, and 2.0.2 should upgrade to version 2.1.0. Smart contract applications using the official RISC Zero Verifier Router do not need to take any action: zkVM version 2.1 is active on all official routers, and version 2.0 has been disabled. Smart contract applications not using the verifier router should update their contracts to send verification calls to the 2.1 version of the verifier.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-345 - Insufficient Verification of Data Authenticity
    Assigner
    Impacted products
    Vendor Product Version
    risc0 risc0 Affected: >= 2.0.0, < 2.1.0

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-52484",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-06-23T15:28:36.306490Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-06-23T15:28:43.485Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "risc0",
              "vendor": "risc0",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 2.0.0, \u003c 2.1.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "RISC Zero is a general computing platform based on zk-STARKs and the RISC-V microarchitecture. Due to a missing constraint in the rv32im circuit, any 3-register RISC-V instruction (including remu and divu) in risc0-zkvm 2.0.0, 2.0.1, and 2.0.2 are vulnerable to an attack by a malicious prover. The main idea for the attack is to confuse the RISC-V virtual machine into treating the value of the rs1 register as the same as the rs2 register due to a lack of constraints in the rv32im circuit. Rust applications using the risc0-zkvm crate at versions 2.0.0, 2.0.1, and 2.0.2 should upgrade to version 2.1.0. Smart contract applications using the official RISC Zero Verifier Router do not need to take any action: zkVM version 2.1 is active on all official routers, and version 2.0 has been disabled. Smart contract applications not using the verifier router should update their contracts to send verification calls to the 2.1 version of the verifier."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 2.7,
                "baseSeverity": "LOW",
                "privilegesRequired": "NONE",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "LOW"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-345",
                  "description": "CWE-345: Insufficient Verification of Data Authenticity",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-06-20T17:21:28.392Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/risc0/risc0/security/advisories/GHSA-g3qg-6746-3mg9",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/risc0/risc0/security/advisories/GHSA-g3qg-6746-3mg9"
            },
            {
              "name": "https://github.com/risc0/risc0/pull/3181",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/risc0/risc0/pull/3181"
            },
            {
              "name": "https://github.com/risc0/zirgen/pull/238",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/risc0/zirgen/pull/238"
            },
            {
              "name": "https://github.com/risc0/risc0/commit/006d86c363b16d2b2ac42d32d832a209ff8ab4c9",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/risc0/risc0/commit/006d86c363b16d2b2ac42d32d832a209ff8ab4c9"
            },
            {
              "name": "https://github.com/risc0/risc0/commit/1873bbb8a56793edd1f6195242d184cf6cc5175d",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/risc0/risc0/commit/1873bbb8a56793edd1f6195242d184cf6cc5175d"
            },
            {
              "name": "https://github.com/risc0/risc0/commit/67f2d81c638bff5f4fcfe11a084ebb34799b7a89",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/risc0/risc0/commit/67f2d81c638bff5f4fcfe11a084ebb34799b7a89"
            },
            {
              "name": "https://github.com/risc0/zirgen/commit/e0e2918302c93e956f73ca2e44aef2b861d8c3ae",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/risc0/zirgen/commit/e0e2918302c93e956f73ca2e44aef2b861d8c3ae"
            }
          ],
          "source": {
            "advisory": "GHSA-g3qg-6746-3mg9",
            "discovery": "UNKNOWN"
          },
          "title": "RISC Zero zkVM Underconstrained Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2025-52484",
        "datePublished": "2025-06-20T17:21:28.392Z",
        "dateReserved": "2025-06-17T02:28:39.718Z",
        "dateUpdated": "2025-06-23T15:28:43.485Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }