CVE-2025-37751

MEDIUM EPSS 3.1%
Published May 1, 20251y ago · Modified Jun 17, 20262w ago
5.5 CVSS 3.1
Medium
Find Similar
Published May 1, 2025 1y ago
Last Modified Jun 17, 2026 2w ago

Description

In the Linux kernel, the following vulnerability has been resolved: x86/cpu: Avoid running off the end of an AMD erratum table The NULL array terminator at the end of erratum_1386_microcode was removed during the switch from x86_cpu_desc to x86_cpu_id. This causes readers to run off the end of the array. Replace the NULL.

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
3.1% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Affected Products 2

VendorProductVersionRange
linuxlinux_kernel*≥6.14  –  <6.14.3
linuxlinux_kernel6.15any

References 2

  • git.kernel.org https://git.kernel.org/stable/c/1b518f73f1b6f59e083ec33dea22d9a1a275a970
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/f0df00ebc57f803603f2a2e0df197e51f06fbe90
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/1b518f73f1b6f59e083ec33dea22d9a1a275a970
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/f0df00ebc57f803603f2a2e0df197e51f06fbe90
    Patch