CVE-2025-37846

arm64: mops: Do not dereference src reg for a set operation

Description

In the Linux kernel, the following vulnerability has been resolved: arm64: mops: Do not dereference src reg for a set operation The source register is not used for SET* and reading it can result in a UBSAN out-of-bounds array access error, specifically when the MOPS exception is taken from a SET* sequence with XZR (reg 31) as the source. Architecturally this is the only case where a src/dst/size field in the ESR can be reported as 31. Prior to 2de451a329cf662b the code in do_el0_mops() was benign as the use of pt_regs_read_reg() prevented the out-of-bounds access.

N/A
CVSS
Severity:
EPSS 0.02%
Affected: Linux Linux
Affected: Linux Linux
Published at:
Updated at:

References

Link Tags
https://git.kernel.org/stable/c/eec737e17e5567e08148550a7f1d94d495b9fb17
https://git.kernel.org/stable/c/43267d934eacff6c70e15545d804ebbcab8a0bf5
https://git.kernel.org/stable/c/5f6022a74147675124b781fdc056b291850e7786
https://git.kernel.org/stable/c/a13bfa4fe0d6949cea14718df2d1fe84c38cd113

Frequently Asked Questions

What is the severity of CVE-2025-37846?
CVE-2025-37846 has not yet been assigned a CVSS score.
How to fix CVE-2025-37846?
To fix CVE-2025-37846, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2025-37846 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2025-37846 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2025-37846?
CVE-2025-37846 affects Linux Linux, Linux Linux.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.