CVE-2025-38435

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2025-38435

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-38435.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2025-38435

Downstream

UBUNTU-CVE-2025-38435

USN-7833-1

USN-7833-2

USN-7833-3

USN-7833-4

USN-7834-1

USN-7856-1

Published

2025-07-25T14:32:09Z

Modified

2025-10-18T04:17:37.632013Z

Summary

riscv: vector: Fix context save/restore with xtheadvector

Details

In the Linux kernel, the following vulnerability has been resolved:

riscv: vector: Fix context save/restore with xtheadvector

Previously only v0-v7 were correctly saved/restored, and the context of v8-v31 are damanged. Correctly save/restore v8-v31 to avoid breaking userspace.

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

d863910eabaffc68eb28aaf476dd870fc3f7197d

Fixed

dd5ceea8d50e9e108a10d1e0d89fa2c9ff442ca2

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

d863910eabaffc68eb28aaf476dd870fc3f7197d

Fixed

4262bd0d9cc704ea1365ac00afc1272400c2cbef

Affected versions

v6.*

v6.12

v6.12-rc6

v6.12-rc7

v6.13

v6.13-rc1

v6.13-rc2

v6.13-rc3

v6.13-rc4

v6.13-rc5

v6.13-rc6

v6.13-rc7

v6.14

v6.14-rc1

v6.14-rc2

v6.14-rc3

v6.14-rc4

v6.14-rc5

v6.14-rc6

v6.14-rc7

v6.15

v6.15-rc1

v6.15-rc2

v6.15-rc3

v6.15-rc4

v6.15-rc5

v6.15-rc6

v6.15-rc7

v6.15.1

v6.15.2

v6.15.3

v6.15.4

v6.16-rc1

Linux / Kernel

Package

Name: Kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

6.14.0

Fixed

6.15.5