CVE-2025-40065
Linux Kernel 5.16-6.17.3 - Unauthenticated Remote Code Execution via RISC-V KVM hgatp Register
Title source: llmDescription
In the Linux kernel, the following vulnerability has been resolved: RISC-V: KVM: Write hgatp register with valid mode bits According to the RISC-V Privileged Architecture Spec, when MODE=Bare is selected,software must write zero to the remaining fields of hgatp. We have detected the valid mode supported by the HW before, So using a valid mode to detect how many vmid bits are supported.
References (2)
Core 2
Scores
EPSS
0.0017
EPSS Percentile
6.4%
Details
Status
published
Products (7)
linux/Kernel
5.16.0 - 6.17.3linux
Linux/Linux
< 5.16
Linux/Linux
5.16
Linux/Linux
6.17.3 - 6.17.*
Linux/Linux
6.18
Linux/Linux
fd7bb4a251dfc1da3496bf59a4793937c13e8c1f - 2b351e3d04be9e1533f26c3464f1e44a5beace30
Linux/Linux
fd7bb4a251dfc1da3496bf59a4793937c13e8c1f - d00b61cd37f4c183ce0edbc9f8ccf6d5430ea357
Published
Oct 28, 2025
Tracked Since
Feb 18, 2026