CVE-2025-37963
MEDIUMLinux Kernel - Unprivileged cBPF Program Mitigation Bypass via Branch History Injection
Title source: llmDescription
In the Linux kernel, the following vulnerability has been resolved: arm64: bpf: Only mitigate cBPF programs loaded by unprivileged users Support for eBPF programs loaded by unprivileged users is typically disabled. This means only cBPF programs need to be mitigated for BHB. In addition, only mitigate cBPF programs that were loaded by an unprivileged user. Privileged users can also load the same program via eBPF, making the mitigation pointless.
References (9)
Core 9
Core References
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2025/08/msg00010.html
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html
Scores
CVSS v3
5.5
EPSS
0.0008
EPSS Percentile
23.7%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Details
Status
published
Products (25)
debian/debian_linux
11.0
linux/Kernel
3.7.0 - 5.10.239linux
linux/Kernel
5.11.0 - 5.15.186linux
linux/Kernel
5.16.0 - 6.1.139linux
linux/Kernel
6.13.0 - 6.14.7linux
linux/Kernel
6.2.0 - 6.6.91linux
linux/Kernel
6.7.0 - 6.12.29linux
Linux/Linux
< 3.7
Linux/Linux
0be7320a635c2e434e8b67e0e9474a85ceb421c4 - 038866e01ea5e5a3d948898ac216e531e7848669
Linux/Linux
0be7320a635c2e434e8b67e0e9474a85ceb421c4 - 477481c4348268136227348984b6699d6370b685
... and 15 more
Published
May 20, 2025
Tracked Since
Feb 18, 2026