CVE-2025-8774 – Riscv-boom SonicBOOM L1 Data Cache Handler Timing Discrepancy Vulnerability

August 9, 2025

CVE ID : CVE-2025-8774

Published : Aug. 9, 2025, 9:15 p.m. | 2 hours, 25 minutes ago

Description : A vulnerability has been found in riscv-boom SonicBOOM up to 2.2.3 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component L1 Data Cache Handler. The manipulation leads to observable timing discrepancy. Local access is required to approach this attack. The complexity of an attack is rather high. The exploitation appears to be difficult. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 2.5 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-8775 – Qiyuesuo Electronic Signature Platform Unrestricted File Upload Vulnerability

Next Article CVE-2025-8773 – Dinstar Monitoring Platform SQL Injection Vulnerability

The Power Of The Intl API: A Definitive Guide To Browser-Native Internationalization

This week in AI dev tools: GPT-5, Claude Opus 4.1, and more (August 8, 2025)

Elastic simplifies log analytics for SREs and developers with launch of Log Essentials

OpenAI launches GPT-5

I compared the best headphones from Apple, Sony, Bose, and Sonos: Here’s how the AirPods Max wins

I changed these 6 settings on my iPad to significantly improve its battery life

DistroWatch Weekly, Issue 1134

3 portable power stations I travel everywhere with (and how they differ)

Next.js PWA offline capability with Service Worker, no extra package

Next.js PWA offline capability with Service Worker, no extra package

spatie/laravel-flare

Establishing Consistent Data Foundations with Laravel’s Database Population System

Windows 11 Copilot gets free access to GPT-5 Thinking, reduced rate limits than ChatGPT Free

Windows 11 Copilot gets free access to GPT-5 Thinking, reduced rate limits than ChatGPT Free

Best Architecture AI Rendering Platform: 6 Tools Tested

Microsoft won’t kill off Chromium Edge and PWAs on Windows 10 until October 2028

CVE-2025-8774 – Riscv-boom SonicBOOM L1 Data Cache Handler Timing Discrepancy Vulnerability

Researchers Reveal ReVault Attack Targeting Dell ControlVault3 Firmware in 100+ Laptop Models

Researchers Detail Windows EPM Poisoning Exploit Chain Leading to Domain Privilege Escalation

CVE-2025-44039 – CP-XR-DE21-S 4G Router Firmware UART Console Authentication Bypass

I refunded The Elder Scrolls 4: Oblivion Remaster on Steam Deck and I’m not the only one unhappy with it

AI agents unifying structured and unstructured data: Transforming support analytics and beyond with Amazon Q Plugins

CVE-2025-6918 – Ncvav Virtual PBX Software SQL Injection Vulnerability

CVE-2025-5202 – Open Asset Import Library Assimp Out-of-Bounds Read Vulnerability

Smashing Animations Part 2: How CSS Masking Can Add An Extra Dimension

CVE-2025-7108 – Risesoft Y9 Digital-Infrastructure Remote Path Traversal Vulnerability

How AI-enabled autonomous business will change the way you work forever

CVE-2025-8774 – Riscv-boom SonicBOOM L1 Data Cache Handler Timing Discrepancy Vulnerability

Related Posts