CVE-2025-54873 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

RISC Zero is a zero-knowledge verifiable general computing platform based on zk-STARKs and the RISC-V microarchitecture. RISC packages risc0-zkvm versions 2.0.0…
Low CVSS: 2.7

CVE-2025-54873

RISC Zero is a zero-knowledge verifiable general computing platform based on zk-STARKs and the RISC-V microarchitecture. RISC packages risc0-zkvm versions 2.0.0 through 2.1.0 and risc0-circuit-rv32im and risc0-circuit-rv32im-sys versions 2.0.0 through 2.0.4 contain vulnerabilities where signed integer division allows multiple outputs for certain inputs with only one being valid, and division by zero results are underconstrained. This issue is fixed in risc0-zkvm version 2.2.0 and version 3.0.0 for the risc0-circuit-rv32im and risc0-circuit-rv32im-sys packages.
Vendor
-
Product
-
CWE
CWE-369
Yayın Tarihi
2025-08-06 00:15:31
Güncelleme
2025-08-06 20:23:37
Source Identifier
security-advisories@github.com
KEV Date Added
-

Kategoriler

CWE-369 LOW 2025

Referanslar

https://github.com/risc0/risc0/pull/3235 https://github.com/risc0/risc0/security/advisories/GHSA-f6rc-24x4-ppxp https://github.com/risc0/zirgen/pull/249