What is the severity of CVE-2025-37849?

The severity of CVE-2025-37849 is rated as medium due to its impact on the virtual GIC in the Linux kernel.

How do I fix CVE-2025-37849?

To fix CVE-2025-37849, ensure that you apply the latest patches for the Linux kernel provided by your distribution.

What systems are affected by CVE-2025-37849?

CVE-2025-37849 affects various versions of the Linux kernel that utilize KVM on arm64 systems.

What is the impact of CVE-2025-37849?

The impact of CVE-2025-37849 can lead to unintended behavior during vCPU creation due to initialized vGIC data.

Is CVE-2025-37849 exploitable remotely?

CVE-2025-37849 is not directly exploitable remotely as it involves local interactions with the hypervisor.

Vulnerability/
CVE-2025-37849

CWE

416

9/5/2025

CVE-2025-37849: KVM: arm64: Tear down vGIC on failed vCPU creation

First published: Fri May 09 2025(Updated: )

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Tear down vGIC on failed vCPU creation If kvm_arch_vcpu_create() fails to share the vCPU page with the hypervisor, we propagate the error back to the ioctl but leave the vGIC vCPU data initialised. Note only does this leak the corresponding memory when the vCPU is destroyed but it can also lead to use-after-free if the redistributor device handling tries to walk into the vCPU. Add the missing cleanup to kvm_arch_vcpu_create(), ensuring that the vGIC vCPU structures are destroyed on error.

Credit: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Affected Software	Affected Version	How to fix
Linux Kernel

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2025-37849?
The severity of CVE-2025-37849 is rated as medium due to its impact on the virtual GIC in the Linux kernel.
How do I fix CVE-2025-37849?
To fix CVE-2025-37849, ensure that you apply the latest patches for the Linux kernel provided by your distribution.
What systems are affected by CVE-2025-37849?
CVE-2025-37849 affects various versions of the Linux kernel that utilize KVM on arm64 systems.
What is the impact of CVE-2025-37849?
The impact of CVE-2025-37849 can lead to unintended behavior during vCPU creation due to initialized vGIC data.
Is CVE-2025-37849 exploitable remotely?
CVE-2025-37849 is not directly exploitable remotely as it involves local interactions with the hypervisor.

collector/mitre-cve
source/MITRE
agent/references
agent/title
agent/weakness
agent/type
agent/first-publish-date
agent/description
agent/guess-ai
agent/software-canonical-lookup
agent/softwarecombine
collector/nvd-api
source/NVD
agent/author
agent/last-modified-date
agent/source
agent/tags
agent/event
vendor/linux
canonical/linux kernel

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.