{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-11T22:19:46.199","vulnerabilities":[{"cve":{"id":"CVE-2025-37822","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2025-05-08T07:15:53.427","lastModified":"2026-03-17T15:02:19.537","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nriscv: uprobes: Add missing fence.i after building the XOL buffer\n\nThe XOL (execute out-of-line) buffer is used to single-step the\nreplaced instruction(s) for uprobes. The RISC-V port was missing a\nproper fence.i (i$ flushing) after constructing the XOL buffer, which\ncan result in incorrect execution of stale/broken instructions.\n\nThis was found running the BPF selftests \"test_progs:\nuprobe_autoattach, attach_probe\" on the Spacemit K1/X60, where the\nuprobes tests randomly blew up."},{"lang":"es","value":"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: riscv: uprobes: Añadir un archivo \"fence.i\" faltante tras la construcción del búfer XOL. El búfer XOL (ejecución fuera de línea) se utiliza para ejecutar paso a paso las instrucciones reemplazadas para uprobes. El puerto RISC-V carecía de un archivo \"fence.i\" adecuado (vaciado de i$) tras la construcción del búfer XOL, lo que puede provocar la ejecución incorrecta de instrucciones obsoletas o dañadas. Esto se detectó al ejecutar las pruebas automáticas de BPF \"test_progs: uprobe_autoattach, attached_probe\" en Spacemit K1/X60, donde las pruebas de uprobes fallaron aleatoriamente."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.12","versionEndExcluding":"6.12.26","matchCriteriaId":"D3F18733-8BB0-4660-9A7D-24D2736EB26E"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.14.5","matchCriteriaId":"6B25CA7E-4CD0-46DB-B4EF-13A3516071FB"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.15:rc1:*:*:*:*:*:*","matchCriteriaId":"8D465631-2980-487A-8E65-40AE2B9F8ED1"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.15:rc2:*:*:*:*:*:*","matchCriteriaId":"4C9D071F-B28E-46EC-AC61-22B913390211"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.15:rc3:*:*:*:*:*:*","matchCriteriaId":"13FC0DDE-E513-465E-9E81-515702D49B74"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/1dbb95a36499374c51b47ee8ae258a8862c20978","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/77c956152a3a7c7a18b68f3654f70565b2181d03","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/7d1d19a11cfbfd8bae1d89cc010b2cc397cd0c48","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/b6d8d4d01ca8514fa89b05355f296758a91e2297","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/bcf6d3158c5902d92b6d62335af4422b7bf7c4e2","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/be6d98766ac952d38241d5a5b213f363afa421c3","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}}]}