CVE-2025-71203

Summary

In the Linux kernel, the following vulnerability has been resolved:

riscv: Sanitize syscall table indexing under speculation

The syscall number is a user-controlled value used to index into the syscall table. Use array_index_nospec() to clamp this value after the bounds check to prevent speculative out-of-bounds access and subsequent data leakage via cache side channels.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxf0bddf50586da81360627a772be0e355b62f071e < 33743ec6679aa364ee19d1afbaa50593e9e6e443affected
LinuxLinuxf0bddf50586da81360627a772be0e355b62f071e < c45848936ebdb4fcab92f8c39510db83c16d0239affected
LinuxLinuxf0bddf50586da81360627a772be0e355b62f071e < 8b44e753795107a22ba31495686e83f4aca48f36affected
LinuxLinuxf0bddf50586da81360627a772be0e355b62f071e < 25fd7ee7bf58ac3ec7be3c9f82ceff153451946caffected
LinuxLinux6.4affected
LinuxLinux0 < 6.4unaffected
LinuxLinux6.6.130 <= 6.6.*unaffected
LinuxLinux6.12.70 <= 6.12.*unaffected
LinuxLinux6.18.10 <= 6.18.*unaffected
LinuxLinux6.19 <= *unaffected

Weaknesses

References