Advisories for Cargo/Risc0-Zkvm-Platform package

2025

risc0 vulnerable to arbitrary code execution in guest via memory safety failure in `sys_read`

In affected versions of risc0-zkvm-platform, when the zkVM guest calls `sys_read`, the host is able to use a crafted response to write to an arbitrary memory location in the guest. This capability can be leveraged to execute arbitrary code within the guest. As `sys_read` is the mechanism by which input is requested by the guest, all guest programs built …