The vulnerability in NEMU involves an implementation flaw in the handling of RISC-V Hypervisor Control and Status Registers (CSRs). Specifically, bits henvcfg[7:4], which relate to cache-block instruction enablement fields (CBIE, CBCFE, CBZE), are incorrectly masked or updated based on the machine-mode environment configuration register menvcfg[7:4]. As a result, a write operation in machine mode to menvcfg can inadvertently modify the hypervisor's environment configuration. This misconfiguration can cause incorrect enforcement of virtualization controls and may trigger unexpected traps or denial of service conditions when executing cache-block management instructions in virtualized contexts (V=1).

The flaw can lead to incorrect enforcement of virtualization configuration within the hypervisor, potentially causing unexpected traps or denial of service during execution of cache-block management instructions. There is no evidence of known exploits in the wild. The impact is primarily on the stability and correct operation of virtualized environments using NEMU with RISC-V hypervisor support.

Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. No official fix or temporary workaround has been documented at this time.