CVE-2025-37846

CVSS v3.1

7.1

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 2de451a329cf662b

Description A vulnerability in the Linux kernel has been resolved, specifically related to the arm64 architecture. The issue involves the source register not being used for SET* operations, and reading it can result in a UBSAN out-of-bounds array access error. This error occurs when the MOPS exception is taken from a SET* sequence with XZR (reg 31) as the source. The code in do el0 mops() was previously benign due to the use of pt regs read reg(), which prevented the out-of-bounds access.

Recommendations For Linux kernel versions prior to 2de451a329cf662b, update to a version that includes the fix for this issue to prevent potential out-of-bounds array access errors. As a temporary workaround, consider restricting the use of the SET* operation with XZR (reg 31) as the source until a patch is available.

Exploit

Fix

Improper Resource Release

NULL Pointer Dereference

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-404CWE-476CWE-125

Related Identifiers

BDU:2026-02463

CVE-2025-37846

SUSE-SU-2025:01982-1

SUSE-SU-2025_01982-1

USN-7594-1

USN-7594-2

USN-7594-3

USN-8028-1

USN-8028-2

USN-8028-3

USN-8028-4

USN-8028-5

USN-8028-6

USN-8028-7

USN-8028-8

USN-8031-1

USN-8031-2

USN-8031-3

USN-8052-1

USN-8052-2

USN-8074-1

USN-8074-2

USN-8126-1

Affected Products

Linuxmint

Linux Kernel

Red Os

Suse

Ubuntu

CVE-2025-37846

Weakness Enumeration

Related Identifiers

Affected Products

References · 1567