Out-of-Bounds Access Vulnerability in Linux Kernel for RISC-V Architecture
CVE-2025-37975

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 20 May 2025

What is CVE-2025-37975?

A vulnerability in the Linux kernel for RISC-V architecture allows out-of-bounds access due to the improper size check within the relocation section. This flaw can lead to unintended access beyond the allocated memory space, potentially compromising system stability and security. The vulnerability has been addressed by simplifying the code to directly reference the number of relocations, effectively mitigating the risk of exploitation.

Affected Version(s)

Linux 080c4324fa5e81ff3780206a138223abfb57a68e

Linux 080c4324fa5e81ff3780206a138223abfb57a68e < 95e4e1c1cf614d125f159db9726b7abb32e18385

Linux 080c4324fa5e81ff3780206a138223abfb57a68e < 0b4cce68efb93e31a8e51795d696df6e379cb41c

References

https://git.kernel.org/stable/c/a068ea00009d373d825c528f9...

https://git.kernel.org/stable/c/95e4e1c1cf614d125f159db97...

https://git.kernel.org/stable/c/0b4cce68efb93e31a8e51795d...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 20, 2025
Vulnerability Reserved
Apr 16, 2025