In the Linux kernel, the following vulnerability has been resolved:
arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array
The loop that detects/populates cache information already has a bounds check on the array size but does not account for cache levels with separate data/instructions cache. Fix this by incrementing the index for any populated leaf (instead of any populated level).
[
{
"target": {
"file": "arch/arm64/kernel/cacheinfo.c"
},
"id": "CVE-2025-21785-179129e7",
"signature_type": "Line",
"signature_version": "v1",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@715eb1af64779e1b1aa0a7b2ffb81414d9f708e5",
"digest": {
"threshold": 0.9,
"line_hashes": [
"275665508309121328542502699331389378234",
"287160279133746253139174742518836082645",
"318893618429959394607439835888464840024",
"337266045192113433007832993434693524658",
"334642178339718359717719363641044768373",
"234509177012097469212533606535250261271",
"261198005902226548521887091070225597968",
"253590004866408749510766102380617612586",
"105797371763037396797024188404647830507",
"7278381973274325764578296168151349283",
"292101807786891350033889532031086867628",
"215983111724966918741646955960532005006"
]
}
},
{
"target": {
"file": "arch/arm64/kernel/cacheinfo.c"
},
"id": "CVE-2025-21785-2bc8e054",
"signature_type": "Line",
"signature_version": "v1",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@875d742cf5327c93cba1f11e12b08d3cce7a88d2",
"digest": {
"threshold": 0.9,
"line_hashes": [
"275665508309121328542502699331389378234",
"287160279133746253139174742518836082645",
"318893618429959394607439835888464840024",
"337266045192113433007832993434693524658",
"334642178339718359717719363641044768373",
"234509177012097469212533606535250261271",
"261198005902226548521887091070225597968",
"253590004866408749510766102380617612586",
"105797371763037396797024188404647830507",
"7278381973274325764578296168151349283",
"292101807786891350033889532031086867628",
"215983111724966918741646955960532005006"
]
}
},
{
"target": {
"function": "populate_cache_leaves",
"file": "arch/arm64/kernel/cacheinfo.c"
},
"id": "CVE-2025-21785-2ebba566",
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@875d742cf5327c93cba1f11e12b08d3cce7a88d2",
"digest": {
"function_hash": "323336895238770268138609411148735762711",
"length": 461.0
}
},
{
"target": {
"function": "populate_cache_leaves",
"file": "arch/arm64/kernel/cacheinfo.c"
},
"id": "CVE-2025-21785-33eebeca",
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@4ff25f0b18d1d0174c105e4620428bcdc1213860",
"digest": {
"function_hash": "323336895238770268138609411148735762711",
"length": 461.0
}
},
{
"target": {
"file": "arch/arm64/kernel/cacheinfo.c"
},
"id": "CVE-2025-21785-3aebdfb6",
"signature_type": "Line",
"signature_version": "v1",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@ab90894f33c15b14c1cee6959ab6c8dcb09127f8",
"digest": {
"threshold": 0.9,
"line_hashes": [
"275665508309121328542502699331389378234",
"287160279133746253139174742518836082645",
"318893618429959394607439835888464840024",
"337266045192113433007832993434693524658",
"334642178339718359717719363641044768373",
"234509177012097469212533606535250261271",
"261198005902226548521887091070225597968",
"253590004866408749510766102380617612586",
"105797371763037396797024188404647830507",
"7278381973274325764578296168151349283",
"292101807786891350033889532031086867628",
"215983111724966918741646955960532005006"
]
}
},
{
"target": {
"file": "arch/arm64/kernel/cacheinfo.c"
},
"id": "CVE-2025-21785-40b8fd58",
"signature_type": "Line",
"signature_version": "v1",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e4fde33107351ec33f1a64188612fbc6ca659284",
"digest": {
"threshold": 0.9,
"line_hashes": [
"275665508309121328542502699331389378234",
"287160279133746253139174742518836082645",
"318893618429959394607439835888464840024",
"337266045192113433007832993434693524658",
"334642178339718359717719363641044768373",
"234509177012097469212533606535250261271",
"261198005902226548521887091070225597968",
"253590004866408749510766102380617612586",
"105797371763037396797024188404647830507",
"7278381973274325764578296168151349283",
"292101807786891350033889532031086867628",
"215983111724966918741646955960532005006"
]
}
},
{
"target": {
"function": "populate_cache_leaves",
"file": "arch/arm64/kernel/cacheinfo.c"
},
"id": "CVE-2025-21785-68cbcebd",
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@88a3e6afaf002250220793df99404977d343db14",
"digest": {
"function_hash": "323336895238770268138609411148735762711",
"length": 461.0
}
},
{
"target": {
"file": "arch/arm64/kernel/cacheinfo.c"
},
"id": "CVE-2025-21785-8cd4e3b7",
"signature_type": "Line",
"signature_version": "v1",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@4ff25f0b18d1d0174c105e4620428bcdc1213860",
"digest": {
"threshold": 0.9,
"line_hashes": [
"275665508309121328542502699331389378234",
"287160279133746253139174742518836082645",
"318893618429959394607439835888464840024",
"337266045192113433007832993434693524658",
"334642178339718359717719363641044768373",
"234509177012097469212533606535250261271",
"261198005902226548521887091070225597968",
"253590004866408749510766102380617612586",
"105797371763037396797024188404647830507",
"7278381973274325764578296168151349283",
"292101807786891350033889532031086867628",
"215983111724966918741646955960532005006"
]
}
},
{
"target": {
"function": "populate_cache_leaves",
"file": "arch/arm64/kernel/cacheinfo.c"
},
"id": "CVE-2025-21785-9d41a2c0",
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@67b99a2b5811df4294c2ad50f9bff3b6a08bd618",
"digest": {
"function_hash": "323336895238770268138609411148735762711",
"length": 461.0
}
},
{
"target": {
"function": "populate_cache_leaves",
"file": "arch/arm64/kernel/cacheinfo.c"
},
"id": "CVE-2025-21785-ac0036d7",
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@ab90894f33c15b14c1cee6959ab6c8dcb09127f8",
"digest": {
"function_hash": "323336895238770268138609411148735762711",
"length": 461.0
}
},
{
"target": {
"function": "populate_cache_leaves",
"file": "arch/arm64/kernel/cacheinfo.c"
},
"id": "CVE-2025-21785-b12f42bb",
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@715eb1af64779e1b1aa0a7b2ffb81414d9f708e5",
"digest": {
"function_hash": "323336895238770268138609411148735762711",
"length": 461.0
}
},
{
"target": {
"function": "populate_cache_leaves",
"file": "arch/arm64/kernel/cacheinfo.c"
},
"id": "CVE-2025-21785-c9e9e351",
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@4371ac7b494e933fffee2bd6265d18d73c4f05aa",
"digest": {
"function_hash": "323336895238770268138609411148735762711",
"length": 461.0
}
},
{
"target": {
"function": "populate_cache_leaves",
"file": "arch/arm64/kernel/cacheinfo.c"
},
"id": "CVE-2025-21785-d6e456c6",
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e4fde33107351ec33f1a64188612fbc6ca659284",
"digest": {
"function_hash": "323336895238770268138609411148735762711",
"length": 461.0
}
},
{
"target": {
"file": "arch/arm64/kernel/cacheinfo.c"
},
"id": "CVE-2025-21785-f4952d18",
"signature_type": "Line",
"signature_version": "v1",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@88a3e6afaf002250220793df99404977d343db14",
"digest": {
"threshold": 0.9,
"line_hashes": [
"275665508309121328542502699331389378234",
"287160279133746253139174742518836082645",
"318893618429959394607439835888464840024",
"337266045192113433007832993434693524658",
"334642178339718359717719363641044768373",
"234509177012097469212533606535250261271",
"261198005902226548521887091070225597968",
"253590004866408749510766102380617612586",
"105797371763037396797024188404647830507",
"7278381973274325764578296168151349283",
"292101807786891350033889532031086867628",
"215983111724966918741646955960532005006"
]
}
},
{
"target": {
"file": "arch/arm64/kernel/cacheinfo.c"
},
"id": "CVE-2025-21785-fdf47cd8",
"signature_type": "Line",
"signature_version": "v1",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@67b99a2b5811df4294c2ad50f9bff3b6a08bd618",
"digest": {
"threshold": 0.9,
"line_hashes": [
"275665508309121328542502699331389378234",
"287160279133746253139174742518836082645",
"318893618429959394607439835888464840024",
"337266045192113433007832993434693524658",
"334642178339718359717719363641044768373",
"234509177012097469212533606535250261271",
"261198005902226548521887091070225597968",
"253590004866408749510766102380617612586",
"105797371763037396797024188404647830507",
"7278381973274325764578296168151349283",
"292101807786891350033889532031086867628",
"215983111724966918741646955960532005006"
]
}
},
{
"target": {
"file": "arch/arm64/kernel/cacheinfo.c"
},
"id": "CVE-2025-21785-ff5ec6ee",
"signature_type": "Line",
"signature_version": "v1",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@4371ac7b494e933fffee2bd6265d18d73c4f05aa",
"digest": {
"threshold": 0.9,
"line_hashes": [
"275665508309121328542502699331389378234",
"287160279133746253139174742518836082645",
"318893618429959394607439835888464840024",
"337266045192113433007832993434693524658",
"334642178339718359717719363641044768373",
"234509177012097469212533606535250261271",
"261198005902226548521887091070225597968",
"253590004866408749510766102380617612586",
"105797371763037396797024188404647830507",
"7278381973274325764578296168151349283",
"292101807786891350033889532031086867628",
"215983111724966918741646955960532005006"
]
}
}
]