CVE-2025-37975

Summary

In the Linux kernel, the following vulnerability has been resolved:

riscv: module: Fix out-of-bounds relocation access

The current code allows rel[j] to access one element past the end of the relocation section. Simplify to num_relocations which is equivalent to the existing size expression.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux080c4324fa5e81ff3780206a138223abfb57a68e < a068ea00009d373d825c528f9c168501519211b4affected
LinuxLinux080c4324fa5e81ff3780206a138223abfb57a68e < 95e4e1c1cf614d125f159db9726b7abb32e18385affected
LinuxLinux080c4324fa5e81ff3780206a138223abfb57a68e < 0b4cce68efb93e31a8e51795d696df6e379cb41caffected
LinuxLinux6.8affected
LinuxLinux0 < 6.8unaffected
LinuxLinux6.12.25 <= 6.12.*unaffected
LinuxLinux6.14.4 <= 6.14.*unaffected
LinuxLinux6.15 <= *unaffected

Weaknesses

References