fkie_nvd - fkie_cve-2025-37751

fkie_cve-2025-37751

Vulnerability from fkie_nvd

Published

2025-05-01 13:15

Modified

2025-05-02 13:53

Severity ?

Summary

In the Linux kernel, the following vulnerability has been resolved: x86/cpu: Avoid running off the end of an AMD erratum table The NULL array terminator at the end of erratum_1386_microcode was removed during the switch from x86_cpu_desc to x86_cpu_id. This causes readers to run off the end of the array. Replace the NULL.

References

▶	URL	Tags
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/1b518f73f1b6f59e083ec33dea22d9a1a275a970
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/f0df00ebc57f803603f2a2e0df197e51f06fbe90

Impacted products

	Vendor	Product	Version

To clipboard

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/cpu: Avoid running off the end of an AMD erratum table\n\nThe NULL array terminator at the end of erratum_1386_microcode was\nremoved during the switch from x86_cpu_desc to x86_cpu_id. This\ncauses readers to run off the end of the array.\n\nReplace the NULL."
    },
    {
      "lang": "es",
      "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: x86/cpu: Evitar la ejecuci\u00f3n al final de una tabla de erratas de AMD. El terminador de matriz NULL al final de erratum_1386_microcode se elimin\u00f3 durante la migraci\u00f3n de x86_cpu_desc a x86_cpu_id. Esto provoca que los lectores se ejecuten al final de la matriz. Reemplace el NULL."
    }
  ],
  "id": "CVE-2025-37751",
  "lastModified": "2025-05-02T13:53:20.943",
  "metrics": {},
  "published": "2025-05-01T13:15:53.843",
  "references": [
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/1b518f73f1b6f59e083ec33dea22d9a1a275a970"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/f0df00ebc57f803603f2a2e0df197e51f06fbe90"
    }
  ],
  "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
  "vulnStatus": "Awaiting Analysis"
}

CVE-2025-37751 (GCVE-0-2025-37751)

Vulnerability from cvelistv5

Published

2025-05-01 12:55

Modified

2025-05-26 05:20

Severity ?

Summary

In the Linux kernel, the following vulnerability has been resolved: x86/cpu: Avoid running off the end of an AMD erratum table The NULL array terminator at the end of erratum_1386_microcode was removed during the switch from x86_cpu_desc to x86_cpu_id. This causes readers to run off the end of the array. Replace the NULL.

References

►

URL

Tags

	https://git.kernel.org/stable/c/1b518f73f1b6f59e083ec33dea22d9a1a275a970
	https://git.kernel.org/stable/c/f0df00ebc57f803603f2a2e0df197e51f06fbe90

Impacted products

Vendor

Product

Version

►

Version: f3f3251526739bb975b97f840c56b3054dba8638
Version: f3f3251526739bb975b97f840c56b3054dba8638

Version: 6.14

Show details on NVD website

To clipboard

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "arch/x86/kernel/cpu/amd.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "1b518f73f1b6f59e083ec33dea22d9a1a275a970",
              "status": "affected",
              "version": "f3f3251526739bb975b97f840c56b3054dba8638",
              "versionType": "git"
            },
            {
              "lessThan": "f0df00ebc57f803603f2a2e0df197e51f06fbe90",
              "status": "affected",
              "version": "f3f3251526739bb975b97f840c56b3054dba8638",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "arch/x86/kernel/cpu/amd.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "6.14"
            },
            {
              "lessThan": "6.14",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.14.*",
              "status": "unaffected",
              "version": "6.14.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.14.3",
                  "versionStartIncluding": "6.14",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.15",
                  "versionStartIncluding": "6.14",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/cpu: Avoid running off the end of an AMD erratum table\n\nThe NULL array terminator at the end of erratum_1386_microcode was\nremoved during the switch from x86_cpu_desc to x86_cpu_id. This\ncauses readers to run off the end of the array.\n\nReplace the NULL."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-05-26T05:20:06.742Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/1b518f73f1b6f59e083ec33dea22d9a1a275a970"
        },
        {
          "url": "https://git.kernel.org/stable/c/f0df00ebc57f803603f2a2e0df197e51f06fbe90"
        }
      ],
      "title": "x86/cpu: Avoid running off the end of an AMD erratum table",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2025-37751",
    "datePublished": "2025-05-01T12:55:56.624Z",
    "dateReserved": "2025-04-16T04:51:23.937Z",
    "dateUpdated": "2025-05-26T05:20:06.742Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Log in or create an account to share your comment.

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.