CVE-2025-37751
MEDIUM EPSS 3.1%
Published May 1, 20251y ago · Modified Jun 17, 20262w ago
5.5 CVSS 3.1
Published May 1, 2025 1y ago
Last Modified Jun 17, 2026 2w ago
Description
In the Linux kernel, the following vulnerability has been resolved: x86/cpu: Avoid running off the end of an AMD erratum table The NULL array terminator at the end of erratum_1386_microcode was removed during the switch from x86_cpu_desc to x86_cpu_id. This causes readers to run off the end of the array. Replace the NULL.
CVSS Details
Base Score
Exploitability
Impact
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High
Threat Intelligence
EPSS Exploit Probability
3.1% percentile
Exploit & Patch Status
No Known Exploit
Patch Available
Affected Products 2
References 2
- git.kernel.org https://git.kernel.org/stable/c/1b518f73f1b6f59e083ec33dea22d9a1a275a970
- git.kernel.org https://git.kernel.org/stable/c/f0df00ebc57f803603f2a2e0df197e51f06fbe90
Remediation
- git.kernel.org https://git.kernel.org/stable/c/1b518f73f1b6f59e083ec33dea22d9a1a275a970
- git.kernel.org https://git.kernel.org/stable/c/f0df00ebc57f803603f2a2e0df197e51f06fbe90