CVE-2025-37996
- Source
- https://cve.org/CVERecord?id=CVE-2025-37996
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-37996.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2025-37996
- Downstream
- Published
- 2025-05-29T13:15:54.956Z
- Modified
- 2026-03-20T12:42:36.822459Z
- Summary
- KVM: arm64: Fix uninitialized memcache pointer in user_mem_abort()
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
KVM: arm64: Fix uninitialized memcache pointer in usermemabort()
Commit fce886a60207 ("KVM: arm64: Plumb the pKVM MMU in KVM") made the initialization of the local memcache variable in usermemabort() conditional, leaving a codepath where it is used uninitialized via kvmpgtablestage2_map().
This can fail on any path that requires a stage-2 allocation without transition via a permission fault or dirty logging.
Fix this by making sure that memcache is always valid.
- Database specific
{ "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/37xxx/CVE-2025-37996.json", "cna_assigner": "Linux" }- References
-
- https://git.kernel.org/stable/c/157dbc4a321f5bb6f8b6c724d12ba720a90f1a7c
- https://git.kernel.org/stable/c/a26d50f8a4a5049e956984797b5d0dedea4bbb18
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/37xxx/CVE-2025-37996.json
- https://nvd.nist.gov/vuln/detail/CVE-2025-37996
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git