CVE-2025-37849
Published: May 9, 2025
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Tear down vGIC on failed vCPU creation If kvm_arch_vcpu_create() fails to share the vCPU page with the hypervisor, we propagate the error back to the ioctl but leave the vGIC vCPU data initialised. Note only does this leak the corresponding memory when the vCPU is destroyed but it can also lead to use-after-free if the redistributor device handling tries to walk into the vCPU. Add the missing cleanup to kvm_arch_vcpu_create(), ensuring that the vGIC vCPU structures are destroyed on error.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 6211753fdfd05af9e08f54c8d0ba3ee516034878 - < 07476e0d932afc53c05468076393ac35d0b4999eaffected 6211753fdfd05af9e08f54c8d0ba3ee516034878 - < 5085e02362b9948f82fceca979b8f8e12acb1cc5affected 6211753fdfd05af9e08f54c8d0ba3ee516034878 - < c322789613407647a05ff5c451a7bf545fb34e73affected 6211753fdfd05af9e08f54c8d0ba3ee516034878 - < 2480326eba8ae9ccc5e4c3c2dc8d407db68e3c52affected 6211753fdfd05af9e08f54c8d0ba3ee516034878 - < f1e9087abaeedec9bf2894a282ee4f0d8383f299+1 more versions |
Linux | Linux | affected 3.11unaffected 0 - < 3.11unaffected 6.1.135 - <= 6.1.*unaffected 6.6.88 - <= 6.6.*unaffected 6.12.24 - <= 6.12.*+3 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now