7.8

CVE-2025-37822

riscv: uprobes: Add missing fence.i after building the XOL buffer

In the Linux kernel, the following vulnerability has been resolved:

riscv: uprobes: Add missing fence.i after building the XOL buffer

The XOL (execute out-of-line) buffer is used to single-step the
replaced instruction(s) for uprobes. The RISC-V port was missing a
proper fence.i (i$ flushing) after constructing the XOL buffer, which
can result in incorrect execution of stale/broken instructions.

This was found running the BPF selftests "test_progs:
uprobe_autoattach, attach_probe" on the Spacemit K1/X60, where the
uprobes tests randomly blew up.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 5.12 < 6.12.26
LinuxLinux Kernel Version >= 6.13 < 6.14.5
LinuxLinux Kernel Version6.15 Updaterc1
LinuxLinux Kernel Version6.15 Updaterc2
LinuxLinux Kernel Version6.15 Updaterc3
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.21% 0.114
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Es wurden noch keine Informationen zu CWE veröffentlicht.
https://git.kernel.org/stable/c/bcf6d3158c5902d92b6d62335af4422b7bf7c4e2
Patch
https://git.kernel.org/stable/c/1dbb95a36499374c51b47ee8ae258a8862c20978
Patch
https://git.kernel.org/stable/c/7d1d19a11cfbfd8bae1d89cc010b2cc397cd0c48
Patch
https://git.kernel.org/stable/c/77c956152a3a7c7a18b68f3654f70565b2181d03
Patch
https://git.kernel.org/stable/c/b6d8d4d01ca8514fa89b05355f296758a91e2297
Patch
https://git.kernel.org/stable/c/be6d98766ac952d38241d5a5b213f363afa421c3
Patch