vulnerability

Debian: CVE-2025-37963: linux, linux-6.1 -- security update

Try Surface Command

Back to search

Severity

CVSS

(AV:L/AC:L/Au:S/C:N/I:N/A:C)

Published

May 20, 2025

Added

May 28, 2025

Modified

Mar 30, 2026

Description

In the Linux kernel, the following vulnerability has been resolved:

arm64: bpf: Only mitigate cBPF programs loaded by unprivileged users

Support for eBPF programs loaded by unprivileged users is typically
disabled. This means only cBPF programs need to be mitigated for BHB.

In addition, only mitigate cBPF programs that were loaded by an
unprivileged user. Privileged users can also load the same program
via eBPF, making the mitigation pointless.

Solutions

debian-upgrade-linuxdebian-upgrade-linux-6-1

References

CVE-2025-37963
https://attackerkb.com/topics/CVE-2025-37963
DEBIAN-DSA-5925-1
EUVD-EUVD-2025-15886
https://euvd.enisa.europa.eu/vulnerability/EUVD-2025-15886

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report