Unrated severityNVD Advisory· Published Feb 14, 2026· Updated Mar 25, 2026

riscv: Sanitize syscall table indexing under speculation

CVE-2025-71203

Description

In the Linux kernel, the following vulnerability has been resolved:

The syscall number is a user-controlled value used to index into the syscall table. Use array_index_nospec() to clamp this value after the bounds check to prevent speculative out-of-bounds access and subsequent data leakage via cache side channels.

Affected products

Linux/Linux Kernel Rtllm-fuzzy
Linux/Linuxv5
Range: 6.4

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

git.kernel.org/stable/c/25fd7ee7bf58ac3ec7be3c9f82ceff153451946cmitre
git.kernel.org/stable/c/33743ec6679aa364ee19d1afbaa50593e9e6e443mitre
git.kernel.org/stable/c/8b44e753795107a22ba31495686e83f4aca48f36mitre
git.kernel.org/stable/c/c45848936ebdb4fcab92f8c39510db83c16d0239mitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000