Wind River Support Network

HomeDefectsLIN1024-9394
Fixed

LIN1024-9394 : Security Advisory - linux - CVE-2025-37948

Created: May 21, 2025    Updated: Jun 8, 2025
Resolved Date: Jun 5, 2025
Found In Version: 10.24.33.1
Fix Version: 10.24.33.10
Severity: Standard
Applicable for: Wind River Linux LTS 24
Component/s: Kernel

Description

In the Linux kernel, the following vulnerability has been resolved:

arm64: bpf: Add BHB mitigation to the epilogue for cBPF programs

A malicious BPF program may manipulate the branch history to influence
what the hardware speculates will happen next.

On exit from a BPF program, emit the BHB mititgation sequence.

This is only applied for 'classic' cBPF programs that are loaded by
seccomp.

CREATE(Triage):(User=admin) CVE-2025-37948 (https://nvd.nist.gov/vuln/detail/CVE-2025-37948)

CVEs


Live chat
Online