CVE-2025-8774 – Riscv-boom SonicBOOM L1 Data Cache Handler Timing Discrepancy Vulnerability

August 9, 2025

CVE ID : CVE-2025-8774

Published : Aug. 9, 2025, 9:15 p.m. | 2 hours, 25 minutes ago

Description : A vulnerability has been found in riscv-boom SonicBOOM up to 2.2.3 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component L1 Data Cache Handler. The manipulation leads to observable timing discrepancy. Local access is required to approach this attack. The complexity of an attack is rather high. The exploitation appears to be difficult. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 2.5 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-8775 – Qiyuesuo Electronic Signature Platform Unrestricted File Upload Vulnerability

Next Article CVE-2025-8773 – Dinstar Monitoring Platform SQL Injection Vulnerability

CodeSOD: Across the 4th Dimension

Cursor vs GitHub Copilot (2025): Which AI Platform Wins for Your Node.js Dev Team?

NuGet adds support for Trusted Publishing

AWS launches IDE extension for building browser automation agents

Distribution Release: Kali Linux 2025.3

Distribution Release: SysLinuxOS 13

Development Release: MX Linux 25 Beta 1

DistroWatch Weekly, Issue 1140

Beyond Denial: How AI Concierge Services Can Transform Healthcare from Reactive to Proactive

Beyond Denial: How AI Concierge Services Can Transform Healthcare from Reactive to Proactive

IDC ServiceScape for Microsoft Power Apps Low-Code/No-Code Custom Application Development Services

A Stream-Oriented UI library for interactive web applications

FOSS Weekly #25.39: Kill Switch Phones, LMDE 7, Zorin OS 18 Beta, Polybar, Apt History and More Linux Stuff

FOSS Weekly #25.39: Kill Switch Phones, LMDE 7, Zorin OS 18 Beta, Polybar, Apt History and More Linux Stuff

Distribution Release: Kali Linux 2025.3

Distribution Release: SysLinuxOS 13

CVE-2025-8774 – Riscv-boom SonicBOOM L1 Data Cache Handler Timing Discrepancy Vulnerability

Cursor AI Code Editor Flaw Enables Silent Code Execution via Malicious Repositories

Introducing HybridPetya: Petya/NotPetya copycat with UEFI Secure Boot bypass

Hackers Exploited 17-year-old Vulnerability to Weaponize Word Documents

CVE-2025-27706 – Absolute Secure Access Cross-Site Scripting

CVE-2024-41177 – Apache Zeppelin Cross-Site Scripting (CWE-80)

Europol Issues Public Alert: ‘We Will Never Call You’ as Phone and App Scams Surge

Using generative AI to help robots jump higher and land safely

The Borderlands 4 release date is finally upon us, and I’m stoked — here’s exactly when you can play at launch time and enjoy “the return of the looter-shooter king”

Typhoon-like gang slinging TLS certificate ‘signed’ by the Los Angeles Police Department

CVE-2025-6558 – Chrome Zero-Day Sandbox Escape via GPU Rendering Flaw

CVE-2025-8774 – Riscv-boom SonicBOOM L1 Data Cache Handler Timing Discrepancy Vulnerability

Related Posts