CVE-2025-10263

CRITICAL

ARM C1-Ultra - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Title source: rule

Description

Arm C1-Ultra, C1-Premium, Neoverse V3 & V3AE, Neoverse V2, Neoverse V1, Neoverse-N2, Neoverse-N1, Cortex-X925, Cortex-X4, Cortex-X3, Cortex-X2, Cortex-X1 & X1C, Cortex-A710, Cortex-A78, A78AE & A78C, Cortex-A77, Cortex-A76 & A76A may allow writes to resources owned by a higher exception level.

References (3)

Core 3

Core References

https://developer.arm.com/documentation/112137

Various Sources

http://xenbits.xen.org/xsa/advisory-493.html

Mailing List

http://www.openwall.com/lists/oss-security/2026/06/09/13

Scores

CVSS v3 9.1

EPSS 0.0039

EPSS Percentile 30.6%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact total

Details

CWE

CWE-362

Status published

Products (20)

Arm/C1-Premium

Arm/C1-Ultra

Arm/Cortex-A710

Arm/Cortex-A76

Arm/Cortex-A76AE

Arm/Cortex-A77

Arm/Cortex-A78

Arm/Cortex-A78AE

Arm/Cortex-A78C

Arm/Cortex-X1

... and 10 more

Published Jun 09, 2026

Tracked Since Jun 09, 2026