CVE-2025-37996

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A vulnerability in the Linux kernel has been resolved, specifically in the KVM (Kernel-based Virtual Machine) for arm64 architecture. The issue was caused by an uninitialized memcache pointer in the user mem abort() function, which could lead to failure on paths requiring stage-2 allocation without transition via a permission fault or dirty logging. This was introduced by a commit that made the initialization of the local memcache variable conditional.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.