CVE-2025-71203

Published: Feb 14, 2026

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: riscv: Sanitize syscall table indexing under speculation The syscall number is a user-controlled value used to index into the syscall table. Use array_index_nospec() to clamp this value after the bounds check to prevent speculative out-of-bounds access and subsequent data leakage via cache side channels.

Vendor	Product	Versions
Linux	Linux	affected `f0bddf50586da81360627a772be0e355b62f071e - < 33743ec6679aa364ee19d1afbaa50593e9e6e443` affected `f0bddf50586da81360627a772be0e355b62f071e - < c45848936ebdb4fcab92f8c39510db83c16d0239` affected `f0bddf50586da81360627a772be0e355b62f071e - < 8b44e753795107a22ba31495686e83f4aca48f36` affected `f0bddf50586da81360627a772be0e355b62f071e - < 25fd7ee7bf58ac3ec7be3c9f82ceff153451946c`
Linux	Linux	affected `6.4` unaffected `0 - < 6.4` unaffected `6.6.130 - <= 6.6.` unaffected `6.12.70 - <= 6.12.` unaffected `6.18.10 - <= 6.18.*` +1 more versions

References

https://git.kernel.org/stable/c/33743ec6679aa364ee19d1afbaa50593e9e6e443

https://git.kernel.org/stable/c/c45848936ebdb4fcab92f8c39510db83c16d0239

https://git.kernel.org/stable/c/8b44e753795107a22ba31495686e83f4aca48f36

https://git.kernel.org/stable/c/25fd7ee7bf58ac3ec7be3c9f82ceff153451946c

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-71203

Description

Affected Products

References