CVE-2025-38169

arm64/fpsimd: Avoid clobbering kernel FPSIMD state with SMSTOP

Severity Score

"-"

*CVSS v-

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved: arm64/fpsimd: Avoid clobbering kernel FPSIMD state with SMSTOP On system with SME, a thread's kernel FPSIMD state may be erroneously
clobbered during a context switch immediately after that state is
restored. Systems without SME are unaffected. If the CPU happens to be in streaming SVE mode before a context switch
to a thread with kernel FPSIMD state, fpsimd_thread_switch() will
restore the kernel FPSIMD state using fpsimd_load_kernel_state() while
the CPU is still in streaming SVE mode. When fpsimd_thread_switch()
subsequently calls fpsimd_flush_cpu_state(), this will execute an
SMSTOP, causing an exit from streaming SVE mode. The exit from
streaming SVE mode will cause the hardware to reset a number of
FPSIMD/SVE/SME registers, clobbering the FPSIMD state. Fix this by calling fpsimd_flush_cpu_state() before restoring the kernel
FPSIMD state.

*Credits: N/A

CVSS Scores

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2025-04-16 CVE Reserved
2025-07-03 CVE Published
2025-07-03 CVE Updated
---------- EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (6)

URL	Tag	Source
https://git.kernel.org/stable/c/e92bee9f861b466c676f0200be3e46af7bc4ac6b	Vuln. Introduced
https://git.kernel.org/stable/c/e003c485ac82a9f8de4204912ed059ac6dd4257c	Vuln. Introduced
https://git.kernel.org/stable/c/25b90cd122d546823da90b916f7c3289dfe83a99	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/55d52af498daea75aa03ba9b7e444c8ae495ac20	2025-06-19
https://git.kernel.org/stable/c/a305821f597ec943849d3e53924adb88c61ed682	2025-06-19
https://git.kernel.org/stable/c/01098d893fa8a6edb2b56e178b798e3e6b674f02	2025-04-09

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.10 < 6.12.34 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.10 < 6.12.34"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.10 < 6.15.3 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.10 < 6.15.3"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.10 < 6.16-rc1 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.10 < 6.16-rc1"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				6.8.12 Search vendor "Linux" for product "Linux Kernel" and version "6.8.12"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				6.9.3 Search vendor "Linux" for product "Linux Kernel" and version "6.9.3"		en		Affected