163 matches found
SUSE CVE-2025-38170
In the Linux kernel, the following vulnerability has been resolved: arm64/fpsimd: Discard stale CPU state when handling SME traps The logic for handling SME traps manipulates saved FPSIMD/SVE/SME state incorrectly, and a race with preemption can result in a task having TIFSME set and...
CVE-2025-38170
In the Linux kernel, the following vulnerability has been resolved: arm64/fpsimd: Discard stale CPU state when handling SME traps The logic for handling SME traps manipulates saved FPSIMD/SVE/SME state incorrectly, and a race with preemption can result in a task having TIFSME set and...
AZL-64625 CVE-2025-38170 affecting package kernel for versions less than 6.6.96.1-1
In the Linux kernel, the following vulnerability has been resolved: arm64/fpsimd: Discard stale CPU state when handling SME traps The logic for handling SME traps manipulates saved FPSIMD/SVE/SME state incorrectly, and a race with preemption can result in a task having TIFSME set and...
CVE-2025-38169
In the Linux kernel, the following vulnerability has been resolved: arm64/fpsimd: Avoid clobbering kernel FPSIMD state with SMSTOP On system with SME, a thread's kernel FPSIMD state may be erroneously clobbered during a context switch immediately after that state is restored. Systems without SME...
UBUNTU-CVE-2025-38170
In the Linux kernel, the following vulnerability has been resolved: arm64/fpsimd: Discard stale CPU state when handling SME traps The logic for handling SME traps manipulates saved FPSIMD/SVE/SME state incorrectly, and a race with preemption can result in a task having TIFSME set and...
CVE-2025-38170 arm64/fpsimd: Discard stale CPU state when handling SME traps
In the Linux kernel, the following vulnerability has been resolved: arm64/fpsimd: Discard stale CPU state when handling SME traps The logic for handling SME traps manipulates saved FPSIMD/SVE/SME state incorrectly, and a race with preemption can result in a task having TIFSME set and...
CVE-2025-38170 arm64/fpsimd: Discard stale CPU state when handling SME traps
In the Linux kernel, the following vulnerability has been resolved: arm64/fpsimd: Discard stale CPU state when handling SME traps The logic for handling SME traps manipulates saved FPSIMD/SVE/SME state incorrectly, and a race with preemption can result in a task having TIFSME set and...
CVE-2025-38170
CVE-2025-38170 concerns the Linux kernel (arm64) FPSIMD/SVE/SME state handling. A race during SME trap handling can cause a preemption race where a task ends up with TIF_SME set and TIF_FOREIGN_FPSTATE cleared while the live hardware state is stale. The provided code path shows a trap handler and...
CVE-2025-38170
In the Linux kernel, the following vulnerability has been resolved: arm64/fpsimd: Discard stale CPU state when handling SME traps The logic for handling SME traps manipulates saved FPSIMD/SVE/SME state incorrectly, and a race with preemption can result in a task having TIFSME set and...
CVE-2025-38169 arm64/fpsimd: Avoid clobbering kernel FPSIMD state with SMSTOP
In the Linux kernel, the following vulnerability has been resolved: arm64/fpsimd: Avoid clobbering kernel FPSIMD state with SMSTOP On system with SME, a thread's kernel FPSIMD state may be erroneously clobbered during a context switch immediately after that state is restored. Systems without SME...
CVE-2025-38169 arm64/fpsimd: Avoid clobbering kernel FPSIMD state with SMSTOP
In the Linux kernel, the following vulnerability has been resolved: arm64/fpsimd: Avoid clobbering kernel FPSIMD state with SMSTOP On system with SME, a thread's kernel FPSIMD state may be erroneously clobbered during a context switch immediately after that state is restored. Systems without SME...
CVE-2025-38169
In the Linux kernel (CVE-2025-38169) on arm64 with SME, a thread context switch could clobber the kernel FPSIMD state when restoring a previous kernel FPSIMD state while the CPU is in streaming SVE mode. The bug occurs if fpsimd_thread_switch() calls fpsimd_load_kernel_state() while streaming SVE...
PT-2025-27754
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been resolved, specifically related to the arm64/fpsimd component. The issue occurs when a thread's kernel FPSIMD state is restored during a...
PT-2025-27755
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to the handling of SME traps in the Linux kernel, specifically in the arm64/fpsimd component. The logic for handling SME traps manipulates saved FPSIMD/SVE/SME sta...
DEBIAN-CVE-2025-22013
In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Unconditionally save+flush host FPSIMD/SVE/SME state There are several problems with the way hyp code lazily saves the host's FPSIMD/SVE state, including: Host SVE being discarded unexpectedly due to inconsistent...
UBUNTU-CVE-2025-22013
In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Unconditionally save+flush host FPSIMD/SVE/SME state There are several problems with the way hyp code lazily saves the host's FPSIMD/SVE state, including: Host SVE being discarded unexpectedly due to inconsistent...
CVE-2025-22013
The CVE-2025-22013 entry concerns Linux kernel KVM on arm64, where host FPSIMD/SVE/SME state could be lazily saved and flushed, risking stale host state in memory and related issues (e.g., SVE discard due to TIF_SVE/CPACR_ELx.ZEN config, ptrace modifications, and non‑protected VM scenarios). The ...
MAL-2025-3144 Malicious code in awx-sme (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1589ce6a2912b9485d4dbe439e4e45d59310f17ef83a03ad8dbc73d34f60cfdb Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in awx-sme (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1589ce6a2912b9485d4dbe439e4e45d59310f17ef83a03ad8dbc73d34f60cfdb Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
kernel: KVM: arm64: Unconditionally save+flush host FPSIMD/SVE/SME state
In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Unconditionally save+flush host FPSIMD/SVE/SME state There are several problems with the way hyp code lazily saves the host's FPSIMD/SVE state, including: Host SVE being discarded unexpectedly due to inconsistent...