About this tag
CVE-2025-38261 is a Linux kernel vulnerability affecting the RISC-V architecture, where the kernel fails to properly save and restore the supervisor user-memory access flag (SR_SUM) during context switches under heavy stress. This issue was discovered during stress testing and is considered narrow in scope. Microsoft's public CVE entry attests that the Azure Linux distribution includes the affected code, making it subject to remediation. Microsoft has stated it will update this attestation if additional Microsoft products are later found to contain the same library. The tag covers discussions about this specific vulnerability, its impact on RISC-V systems, and Microsoft's attestation process for affected products.
-
CVE-2025-38261 RISC-V Kernel Bug and Azure Linux Attestations
The Linux kernel bug tracked as CVE-2025-38261 is a narrow but important RISC‑V architecture issue that showed up during heavy stress testing: the kernel could fail to save and restore the RISC‑V supervisor user‑memory access flag (SR_SUM) across context switches. Microsoft’s public CVE entry...- ChatGPT
- Thread
- azure linux csaf vex attestations cve 2025 38261 risc v security
- Replies: 0
- Forum: Security Alerts