CVE-2025-10263 (GCVE-0-2025-10263)

Vulnerability from cvelistv5 – Published: 2026-06-09 09:23 – Updated: 2026-07-03 12:05
VLAI
Summary
Arm C1-Ultra, C1-Premium, Neoverse V3 & V3AE, Neoverse V2, Neoverse V1, Neoverse-N2, Neoverse-N1, Cortex-X925, Cortex-X4, Cortex-X3, Cortex-X2, Cortex-X1 & X1C, Cortex-A710, Cortex-A78, A78AE & A78C, Cortex-A77, Cortex-A76 & A76A may allow writes to resources owned by a higher exception level.
SSVC
Exploitation: none Automatable: yes Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
  • CWE-266 - Incorrect Privilege Assignment
Assigner
Arm
Impacted products
Vendor Product Version
Arm C1-Ultra Affected: 0
Create a notification for this product.
Arm C1-Premium Affected: 0
Create a notification for this product.
Arm Neoverse V3 Affected: 0
Create a notification for this product.
Arm Neoverse V3AE Affected: 0
Create a notification for this product.
Arm Neoverse V1 Affected: 0
Create a notification for this product.
Arm Neoverse N2 Affected: 0
Create a notification for this product.
Arm Neoverse N1 Affected: 0
Create a notification for this product.
Arm Cortex-X925 Affected: 0
Create a notification for this product.
Arm Cortex-X4 Affected: 0
Create a notification for this product.
Arm Cortex-X3 Affected: 0
Create a notification for this product.
Arm Cortex-X2 Affected: 0
Create a notification for this product.
Arm Cortex-X1 Affected: 0
Create a notification for this product.
Arm Cortex-X1C Affected: 0
Create a notification for this product.
Arm Cortex-A710 Affected: 0
Create a notification for this product.
Arm Cortex-A78 Affected: 0
Create a notification for this product.
Arm Cortex-A78AE Affected: 0
Create a notification for this product.
Arm Cortex-A78C Affected: 0
Create a notification for this product.
Arm Cortex-A77 Affected: 0
Create a notification for this product.
Arm Cortex-A76 Affected: 0
Create a notification for this product.
Arm Cortex-A76AE Affected: 0
Create a notification for this product.
Red Hat Red Hat Enterprise Linux AppStream (v. 10)     cpe:/o:redhat:enterprise_linux:10.2
Create a notification for this product.
Red Hat Red Hat Enterprise Linux BaseOS (v. 10)     cpe:/o:redhat:enterprise_linux:10.2
Create a notification for this product.
Red Hat Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)     cpe:/o:redhat:enterprise_linux:10.2
Create a notification for this product.
Red Hat Red Hat Enterprise Linux Real Time for NFV (v. 10)     cpe:/o:redhat:enterprise_linux:10.2
Create a notification for this product.
Red Hat Red Hat Enterprise Linux Real Time (v. 10)     cpe:/o:redhat:enterprise_linux:10.2
Create a notification for this product.
Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
Create a notification for this product.
Red Hat Red Hat Enterprise Linux for NVIDIA 26     cpe:/a:redhat:enterprise_linux_nvidia:
Create a notification for this product.
Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
Create a notification for this product.
Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
Create a notification for this product.
Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2026-06-09T16:53:49.813Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://xenbits.xen.org/xsa/advisory-493.html"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/06/09/13"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "NONE",
              "baseScore": 9.1,
              "baseSeverity": "CRITICAL",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2025-10263",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-06-09T14:11:21.775441Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-06-09T14:11:48.257Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:/o:redhat:enterprise_linux:10.2"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux AppStream (v. 10)",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/o:redhat:enterprise_linux:10.2"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux BaseOS (v. 10)",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/o:redhat:enterprise_linux:10.2"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/o:redhat:enterprise_linux:10.2"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux Real Time for NFV (v. 10)",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/o:redhat:enterprise_linux:10.2"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux Real Time (v. 10)",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/o:redhat:enterprise_linux:10"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux 10",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/o:redhat:enterprise_linux:8"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux 8",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/o:redhat:enterprise_linux:9"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux 9",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:enterprise_linux_nvidia:"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux for NVIDIA 26",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:openshift:4"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat OpenShift Container Platform 4",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/o:redhat:enterprise_linux:6"
            ],
            "defaultStatus": "unaffected",
            "product": "Red Hat Enterprise Linux 6",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/o:redhat:enterprise_linux:7"
            ],
            "defaultStatus": "unaffected",
            "product": "Red Hat Enterprise Linux 7",
            "vendor": "Red Hat"
          }
        ],
        "datePublic": "2026-06-09T09:23:18.802Z",
        "descriptions": [
          {
            "lang": "en",
            "value": "A flaw was found in the Linux kernel on ARM processors. A race condition in Translation Lookaside Buffer Invalidation (TLBI) operations during memory permission changes allows a local attacker to write to memory resources owned by higher privilege levels. This could allow an unprivileged local attacker to gain kernel privileges or a guest VM to escape to the hypervisor, resulting in complete system compromise."
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "namespace": "https://access.redhat.com/security/updates/classification/",
                "value": "Important"
              },
              "type": "Red Hat severity rating"
            }
          },
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "NONE",
              "baseScore": 8.4,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "LOW",
              "scope": "CHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N",
              "version": "3.1"
            },
            "format": "CVSS"
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-266",
                "description": "Incorrect Privilege Assignment",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-07-03T12:05:05.282Z",
          "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
          "shortName": "redhat-SADP"
        },
        "references": [
          {
            "tags": [
              "vdb-entry",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/security/cve/CVE-2025-10263"
          },
          {
            "name": "RHBZ#2486958",
            "tags": [
              "issue-tracking",
              "x_refsource_REDHAT"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2486958"
          },
          {
            "tags": [
              "x_sadp-csaf-vex"
            ],
            "url": "https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-10263.json"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:34911"
          }
        ],
        "solutions": [
          {
            "lang": "en",
            "value": "RHSA-2026:34911: Red Hat Enterprise Linux AppStream (v. 10), Red Hat Enterprise Linux BaseOS (v. 10), Red Hat Enterprise Linux CodeReady Linux Builder (v. 10), Red Hat Enterprise Linux Real Time (v. 10), Red Hat Enterprise Linux Real Time for NFV (v. 10)"
          }
        ],
        "timeline": [
          {
            "lang": "en",
            "time": "2026-06-09T11:01:37.157Z",
            "value": "Reported to Red Hat."
          },
          {
            "lang": "en",
            "time": "2026-06-09T09:23:18.802Z",
            "value": "Made public."
          }
        ],
        "title": "kernel: Arm Processors: Privilege escalation or information disclosure via writes to higher exception level resources",
        "x_adpType": "supplier",
        "x_generator": {
          "engine": "sadp-cli 1.0.0"
        }
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "C1-Ultra",
          "vendor": "Arm",
          "versions": [
            {
              "status": "affected",
              "version": "0"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "C1-Premium",
          "vendor": "Arm",
          "versions": [
            {
              "status": "affected",
              "version": "0"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Neoverse V3",
          "vendor": "Arm",
          "versions": [
            {
              "status": "affected",
              "version": "0"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Neoverse V3AE",
          "vendor": "Arm",
          "versions": [
            {
              "status": "affected",
              "version": "0"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Neoverse V1",
          "vendor": "Arm",
          "versions": [
            {
              "status": "affected",
              "version": "0"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Neoverse N2",
          "vendor": "Arm",
          "versions": [
            {
              "status": "affected",
              "version": "0"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Neoverse N1",
          "vendor": "Arm",
          "versions": [
            {
              "status": "affected",
              "version": "0"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Cortex-X925",
          "vendor": "Arm",
          "versions": [
            {
              "status": "affected",
              "version": "0"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Cortex-X4",
          "vendor": "Arm",
          "versions": [
            {
              "status": "affected",
              "version": "0"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Cortex-X3",
          "vendor": "Arm",
          "versions": [
            {
              "status": "affected",
              "version": "0"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Cortex-X2",
          "vendor": "Arm",
          "versions": [
            {
              "status": "affected",
              "version": "0"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Cortex-X1",
          "vendor": "Arm",
          "versions": [
            {
              "status": "affected",
              "version": "0"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Cortex-X1C",
          "vendor": "Arm",
          "versions": [
            {
              "status": "affected",
              "version": "0"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Cortex-A710",
          "vendor": "Arm",
          "versions": [
            {
              "status": "affected",
              "version": "0"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Cortex-A78",
          "vendor": "Arm",
          "versions": [
            {
              "status": "affected",
              "version": "0"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Cortex-A78AE",
          "vendor": "Arm",
          "versions": [
            {
              "status": "affected",
              "version": "0"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Cortex-A78C",
          "vendor": "Arm",
          "versions": [
            {
              "status": "affected",
              "version": "0"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Cortex-A77",
          "vendor": "Arm",
          "versions": [
            {
              "status": "affected",
              "version": "0"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Cortex-A76",
          "vendor": "Arm",
          "versions": [
            {
              "status": "affected",
              "version": "0"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Cortex-A76AE",
          "vendor": "Arm",
          "versions": [
            {
              "status": "affected",
              "version": "0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Arm C1-Ultra, C1-Premium, Neoverse V3 \u0026amp; V3AE, Neoverse V2, Neoverse V1, Neoverse-N2, Neoverse-N1, Cortex-X925, Cortex-X4, Cortex-X3, Cortex-X2, Cortex-X1 \u0026amp; X1C, Cortex-A710, Cortex-A78, A78AE \u0026amp; A78C, Cortex-A77, Cortex-A76 \u0026amp; A76A may allow writes to resources owned by a higher exception level."
            }
          ],
          "value": "Arm C1-Ultra, C1-Premium, Neoverse V3 \u0026 V3AE, Neoverse V2, Neoverse V1, Neoverse-N2, Neoverse-N1, Cortex-X925, Cortex-X4, Cortex-X3, Cortex-X2, Cortex-X1 \u0026 X1C, Cortex-A710, Cortex-A78, A78AE \u0026 A78C, Cortex-A77, Cortex-A76 \u0026 A76A may allow writes to resources owned by a higher exception level."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-362",
              "description": "CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-09T09:23:18.802Z",
        "orgId": "56a131ea-b967-4a0d-a41e-5f3549952846",
        "shortName": "Arm"
      },
      "references": [
        {
          "url": "https://developer.arm.com/documentation/112137"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 1.0.2"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "56a131ea-b967-4a0d-a41e-5f3549952846",
    "assignerShortName": "Arm",
    "cveId": "CVE-2025-10263",
    "datePublished": "2026-06-09T09:23:18.802Z",
    "dateReserved": "2025-09-11T08:50:36.018Z",
    "dateUpdated": "2026-07-03T12:05:05.282Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2025-10263",
      "date": "2026-07-05",
      "epss": "0.00474",
      "percentile": "0.3759"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2025-10263\",\"sourceIdentifier\":\"arm-security@arm.com\",\"published\":\"2026-06-09T10:16:33.003\",\"lastModified\":\"2026-07-03T13:16:52.290\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Arm C1-Ultra, C1-Premium, Neoverse V3 \u0026 V3AE, Neoverse V2, Neoverse V1, Neoverse-N2, Neoverse-N1, Cortex-X925, Cortex-X4, Cortex-X3, Cortex-X2, Cortex-X1 \u0026 X1C, Cortex-A710, Cortex-A78, A78AE \u0026 A78C, Cortex-A77, Cortex-A76 \u0026 A76A may allow writes to resources owned by a higher exception level.\"}],\"affected\":[{\"source\":\"arm-security@arm.com\",\"affectedData\":[{\"vendor\":\"Arm\",\"product\":\"C1-Ultra\",\"defaultStatus\":\"unaffected\",\"versions\":[{\"version\":\"0\",\"status\":\"affected\"}]},{\"vendor\":\"Arm\",\"product\":\"C1-Premium\",\"defaultStatus\":\"unaffected\",\"versions\":[{\"version\":\"0\",\"status\":\"affected\"}]},{\"vendor\":\"Arm\",\"product\":\"Neoverse V3\",\"defaultStatus\":\"unaffected\",\"versions\":[{\"version\":\"0\",\"status\":\"affected\"}]},{\"vendor\":\"Arm\",\"product\":\"Neoverse V3AE\",\"defaultStatus\":\"unaffected\",\"versions\":[{\"version\":\"0\",\"status\":\"affected\"}]},{\"vendor\":\"Arm\",\"product\":\"Neoverse V1\",\"defaultStatus\":\"unaffected\",\"versions\":[{\"version\":\"0\",\"status\":\"affected\"}]},{\"vendor\":\"Arm\",\"product\":\"Neoverse N2\",\"defaultStatus\":\"unaffected\",\"versions\":[{\"version\":\"0\",\"status\":\"affected\"}]},{\"vendor\":\"Arm\",\"product\":\"Neoverse N1\",\"defaultStatus\":\"unaffected\",\"versions\":[{\"version\":\"0\",\"status\":\"affected\"}]},{\"vendor\":\"Arm\",\"product\":\"Cortex-X925\",\"defaultStatus\":\"unaffected\",\"versions\":[{\"version\":\"0\",\"status\":\"affected\"}]},{\"vendor\":\"Arm\",\"product\":\"Cortex-X4\",\"defaultStatus\":\"unaffected\",\"versions\":[{\"version\":\"0\",\"status\":\"affected\"}]},{\"vendor\":\"Arm\",\"product\":\"Cortex-X3\",\"defaultStatus\":\"unaffected\",\"versions\":[{\"version\":\"0\",\"status\":\"affected\"}]},{\"vendor\":\"Arm\",\"product\":\"Cortex-X2\",\"defaultStatus\":\"unaffected\",\"versions\":[{\"version\":\"0\",\"status\":\"affected\"}]},{\"vendor\":\"Arm\",\"product\":\"Cortex-X1\",\"defaultStatus\":\"unaffected\",\"versions\":[{\"version\":\"0\",\"status\":\"affected\"}]},{\"vendor\":\"Arm\",\"product\":\"Cortex-X1C\",\"defaultStatus\":\"unaffected\",\"versions\":[{\"version\":\"0\",\"status\":\"affected\"}]},{\"vendor\":\"Arm\",\"product\":\"Cortex-A710\",\"defaultStatus\":\"unaffected\",\"versions\":[{\"version\":\"0\",\"status\":\"affected\"}]},{\"vendor\":\"Arm\",\"product\":\"Cortex-A78\",\"defaultStatus\":\"unaffected\",\"versions\":[{\"version\":\"0\",\"status\":\"affected\"}]},{\"vendor\":\"Arm\",\"product\":\"Cortex-A78AE\",\"defaultStatus\":\"unaffected\",\"versions\":[{\"version\":\"0\",\"status\":\"affected\"}]},{\"vendor\":\"Arm\",\"product\":\"Cortex-A78C\",\"defaultStatus\":\"unaffected\",\"versions\":[{\"version\":\"0\",\"status\":\"affected\"}]},{\"vendor\":\"Arm\",\"product\":\"Cortex-A77\",\"defaultStatus\":\"unaffected\",\"versions\":[{\"version\":\"0\",\"status\":\"affected\"}]},{\"vendor\":\"Arm\",\"product\":\"Cortex-A76\",\"defaultStatus\":\"unaffected\",\"versions\":[{\"version\":\"0\",\"status\":\"affected\"}]},{\"vendor\":\"Arm\",\"product\":\"Cortex-A76AE\",\"defaultStatus\":\"unaffected\",\"versions\":[{\"version\":\"0\",\"status\":\"affected\"}]}]},{\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\",\"affectedData\":[{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux AppStream (v. 10)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux:10.2\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux BaseOS (v. 10)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux:10.2\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux:10.2\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux Real Time for NFV (v. 10)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux:10.2\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux Real Time (v. 10)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux:10.2\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux 10\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux:10\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux 8\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux:8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux 9\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux:9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux for NVIDIA 26\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:enterprise_linux_nvidia:\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Container Platform 4\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift:4\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux 6\",\"defaultStatus\":\"unaffected\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux:6\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux 7\",\"defaultStatus\":\"unaffected\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux:7\"]}]}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N\",\"baseScore\":9.1,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":5.2},{\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N\",\"baseScore\":8.4,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.0,\"impactScore\":5.8}],\"ssvcV203\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"ssvcData\":{\"timestamp\":\"2026-06-09T14:11:21.775441Z\",\"id\":\"CVE-2025-10263\",\"options\":[{\"exploitation\":\"none\"},{\"automatable\":\"yes\"},{\"technicalImpact\":\"total\"}],\"role\":\"CISA Coordinator\",\"version\":\"2.0.3\"}}]},\"weaknesses\":[{\"source\":\"arm-security@arm.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-362\"}]},{\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-266\"}]}],\"references\":[{\"url\":\"https://developer.arm.com/documentation/112137\",\"source\":\"arm-security@arm.com\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/06/09/13\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://xenbits.xen.org/xsa/advisory-493.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:34911\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/security/cve/CVE-2025-10263\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=2486958\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-10263.json\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"http://xenbits.xen.org/xsa/advisory-493.html\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/06/09/13\"}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2026-06-09T16:53:49.813Z\"}}, {\"title\": \"kernel: Arm Processors: Privilege escalation or information disclosure via writes to higher exception level resources\", \"metrics\": [{\"other\": {\"type\": \"Red Hat severity rating\", \"content\": {\"value\": \"Important\", \"namespace\": \"https://access.redhat.com/security/updates/classification/\"}}}, {\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 8.4, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"cpes\": [\"cpe:/o:redhat:enterprise_linux:10.2\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux AppStream (v. 10)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:10.2\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux BaseOS (v. 10)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:10.2\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:10.2\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux Real Time for NFV (v. 10)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:10.2\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux Real Time (v. 10)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:10\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 10\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 9\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:enterprise_linux_nvidia:\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux for NVIDIA 26\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:6\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 6\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:7\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 7\", \"defaultStatus\": \"unaffected\"}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2026-06-09T11:01:37.157Z\", \"value\": \"Reported to Red Hat.\"}, {\"lang\": \"en\", \"time\": \"2026-06-09T09:23:18.802Z\", \"value\": \"Made public.\"}], \"solutions\": [{\"lang\": \"en\", \"value\": \"RHSA-2026:34911: Red Hat Enterprise Linux AppStream (v. 10), Red Hat Enterprise Linux BaseOS (v. 10), Red Hat Enterprise Linux CodeReady Linux Builder (v. 10), Red Hat Enterprise Linux Real Time (v. 10), Red Hat Enterprise Linux Real Time for NFV (v. 10)\"}], \"x_adpType\": \"supplier\", \"datePublic\": \"2026-06-09T09:23:18.802Z\", \"references\": [{\"url\": \"https://access.redhat.com/security/cve/CVE-2025-10263\", \"tags\": [\"vdb-entry\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2486958\", \"name\": \"RHBZ#2486958\", \"tags\": [\"issue-tracking\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-10263.json\", \"tags\": [\"x_sadp-csaf-vex\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:34911\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}], \"x_generator\": {\"engine\": \"sadp-cli 1.0.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"A flaw was found in the Linux kernel on ARM processors. A race condition in Translation Lookaside Buffer Invalidation (TLBI) operations during memory permission changes allows a local attacker to write to memory resources owned by higher privilege levels. This could allow an unprivileged local attacker to gain kernel privileges or a guest VM to escape to the hypervisor, resulting in complete system compromise.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-266\", \"description\": \"Incorrect Privilege Assignment\"}]}], \"providerMetadata\": {\"orgId\": \"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\", \"shortName\": \"redhat-SADP\", \"dateUpdated\": \"2026-07-03T12:05:05.282Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 9.1, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-10263\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-06-09T14:11:21.775441Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-06-09T14:11:12.753Z\"}}], \"cna\": {\"source\": {\"discovery\": \"UNKNOWN\"}, \"affected\": [{\"vendor\": \"Arm\", \"product\": \"C1-Ultra\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Arm\", \"product\": \"C1-Premium\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Arm\", \"product\": \"Neoverse V3\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Arm\", \"product\": \"Neoverse V3AE\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Arm\", \"product\": \"Neoverse V1\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Arm\", \"product\": \"Neoverse N2\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Arm\", \"product\": \"Neoverse N1\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Arm\", \"product\": \"Cortex-X925\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Arm\", \"product\": \"Cortex-X4\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Arm\", \"product\": \"Cortex-X3\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Arm\", \"product\": \"Cortex-X2\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Arm\", \"product\": \"Cortex-X1\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Arm\", \"product\": \"Cortex-X1C\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Arm\", \"product\": \"Cortex-A710\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Arm\", \"product\": \"Cortex-A78\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Arm\", \"product\": \"Cortex-A78AE\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Arm\", \"product\": \"Cortex-A78C\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Arm\", \"product\": \"Cortex-A77\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Arm\", \"product\": \"Cortex-A76\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Arm\", \"product\": \"Cortex-A76AE\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\"}], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://developer.arm.com/documentation/112137\"}], \"x_generator\": {\"engine\": \"Vulnogram 1.0.2\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"Arm C1-Ultra, C1-Premium, Neoverse V3 \u0026 V3AE, Neoverse V2, Neoverse V1, Neoverse-N2, Neoverse-N1, Cortex-X925, Cortex-X4, Cortex-X3, Cortex-X2, Cortex-X1 \u0026 X1C, Cortex-A710, Cortex-A78, A78AE \u0026 A78C, Cortex-A77, Cortex-A76 \u0026 A76A may allow writes to resources owned by a higher exception level.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Arm C1-Ultra, C1-Premium, Neoverse V3 \u0026amp; V3AE, Neoverse V2, Neoverse V1, Neoverse-N2, Neoverse-N1, Cortex-X925, Cortex-X4, Cortex-X3, Cortex-X2, Cortex-X1 \u0026amp; X1C, Cortex-A710, Cortex-A78, A78AE \u0026amp; A78C, Cortex-A77, Cortex-A76 \u0026amp; A76A may allow writes to resources owned by a higher exception level.\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-362\", \"description\": \"CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"56a131ea-b967-4a0d-a41e-5f3549952846\", \"shortName\": \"Arm\", \"dateUpdated\": \"2026-06-09T09:23:18.802Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2025-10263\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-07-03T12:05:05.282Z\", \"dateReserved\": \"2025-09-11T08:50:36.018Z\", \"assignerOrgId\": \"56a131ea-b967-4a0d-a41e-5f3549952846\", \"datePublished\": \"2026-06-09T09:23:18.802Z\", \"assignerShortName\": \"Arm\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Loading…

Detection rules are retrieved from Rulezet.

Loading…

Loading…