Home

Description

In the Linux kernel, the following vulnerability has been resolved: riscv: uprobes: Add missing fence.i after building the XOL buffer The XOL (execute out-of-line) buffer is used to single-step the replaced instruction(s) for uprobes. The RISC-V port was missing a proper fence.i (i$ flushing) after constructing the XOL buffer, which can result in incorrect execution of stale/broken instructions. This was found running the BPF selftests "test_progs: uprobe_autoattach, attach_probe" on the Spacemit K1/X60, where the uprobes tests randomly blew up.

PUBLISHED Reserved 2025-04-16 | Published 2025-05-08 | Updated 2025-05-26 | Assigner Linux

Product status

Default status
unaffected

74784081aac8a0f3636965fc230e2d3b7cc123c6 (git) before bcf6d3158c5902d92b6d62335af4422b7bf7c4e2
affected

74784081aac8a0f3636965fc230e2d3b7cc123c6 (git) before 1dbb95a36499374c51b47ee8ae258a8862c20978
affected

74784081aac8a0f3636965fc230e2d3b7cc123c6 (git) before 7d1d19a11cfbfd8bae1d89cc010b2cc397cd0c48
affected

Default status
affected

5.12
affected

Any version before 5.12
unaffected

6.12.26 (semver)
unaffected

6.14.5 (semver)
unaffected

6.15 (original_commit_for_fix)
unaffected

References

git.kernel.org/...c/bcf6d3158c5902d92b6d62335af4422b7bf7c4e2

git.kernel.org/...c/1dbb95a36499374c51b47ee8ae258a8862c20978

git.kernel.org/...c/7d1d19a11cfbfd8bae1d89cc010b2cc397cd0c48

cve.org (CVE-2025-37822)

nvd.nist.gov (CVE-2025-37822)

Download JSON