{"id":"AZL-62756","summary":"CVE-2025-37822 affecting package kernel for versions less than 6.6.121.1-1","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nriscv: uprobes: Add missing fence.i after building the XOL buffer\n\nThe XOL (execute out-of-line) buffer is used to single-step the\nreplaced instruction(s) for uprobes. The RISC-V port was missing a\nproper fence.i (i$ flushing) after constructing the XOL buffer, which\ncan result in incorrect execution of stale/broken instructions.\n\nThis was found running the BPF selftests \"test_progs:\nuprobe_autoattach, attach_probe\" on the Spacemit K1/X60, where the\nuprobes tests randomly blew up.","modified":"2026-04-01T05:20:08.273993Z","published":"2025-05-08T07:15:53Z","upstream":["CVE-2025-37822"],"references":[{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-37822"}],"affected":[{"package":{"name":"kernel","ecosystem":"Azure Linux:3","purl":"pkg:rpm/azure-linux/kernel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"6.6.121.1-1"}]}],"database_specific":{"source":"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-62756.json"}}],"schema_version":"1.7.5"}