The lowRISC team and Ibex community (including the OpenTitan partnership) take security issues seriously.
We appreciate all efforts to find security vulnerabilities in Ibex and ask that responsible disclosure is practiced should you discover a potential vulnerability.
As Ibex and in particular its secure configuration was developed as part of OpenTitan contact [email protected] to report any security issues and do not open a public issue. [email protected] will advise on the coordinated vulnerability disclosure (CVD) procedure.