CVE-2025-37761 – This CVE describes an out-of-bounds shift vulne... (How to Fix)

Q: What is the severity of CVE-2025-37761?

CVE-2025-37761 has a CVSS score of 7.1 (HIGH). This CVE describes an out-of-bounds shift vulnerability in the Linux kernel's Xe graphics driver that occurs when invalidating TLB (Translation Lookaside Buffer) ranges larger than rounddown_pow_of_two(ULONG_MAX). The vulnerability can cause kernel crashes and potentially lead to denial of service or privilege escalation. It affects Linux systems using the Xe graphics driver.

📋 TL;DR

This CVE describes an out-of-bounds shift vulnerability in the Linux kernel's Xe graphics driver that occurs when invalidating TLB (Translation Lookaside Buffer) ranges larger than rounddown_pow_of_two(ULONG_MAX). The vulnerability can cause kernel crashes and potentially lead to denial of service or privilege escalation. It affects Linux systems using the Xe graphics driver.

💻 Affected Systems

Products:

Linux kernel with Xe graphics driver

Versions: Linux kernel versions containing the vulnerable Xe driver code (specific versions not specified in CVE, but appears to be in development/6.14.0+ range)

Operating Systems: Linux distributions with vulnerable kernel versions

Default Config Vulnerable: ⚠️ Yes

Notes: Requires Xe graphics driver to be loaded and used. Systems without Intel Xe graphics hardware or without the Xe driver loaded are not affected.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Kernel panic leading to system crash, potential privilege escalation if combined with other vulnerabilities, or system instability causing data loss.

🟠

Likely Case

Kernel crash or system instability when specific graphics operations trigger large TLB invalidations, resulting in denial of service.

🟢

If Mitigated

Minor performance impact from using full TLB invalidations instead of range-based invalidations for large ranges.

🌐 Internet-Facing: LOW - This is a kernel-level vulnerability requiring local access or specific graphics operations.

🏢 Internal Only: MEDIUM - Local users or processes with graphics access could trigger the vulnerability, potentially causing system instability.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: NO

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM - Requires triggering specific graphics operations that cause large TLB invalidations.

The vulnerability was discovered through UBSAN (Undefined Behavior Sanitizer) during development/testing. No known active exploitation in the wild.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Fixed in Linux kernel commit b88f48f86500bc0b44b4f73ac66d500a40d320ad and backported to stable branches

Vendor Advisory: https://git.kernel.org/stable/c/28477f701b63922ff88e9fb13f5519c11cd48b86

Restart Required: Yes

Instructions:

1. Update Linux kernel to version containing the fix. 2. For distributions: Use package manager to update kernel package. 3. Reboot system to load new kernel.

🔧 Temporary Workarounds

Disable Xe graphics driver

linux

Prevent loading of the vulnerable Xe graphics driver module

echo 'blacklist xe' >> /etc/modprobe.d/blacklist-xe.conf
update-initramfs -u
reboot

🧯 If You Can't Patch

Restrict access to users who can perform graphics operations
Monitor system logs for UBSAN shift-out-of-bounds warnings related to Xe driver

🔍 How to Verify

Check if Vulnerable:

Check kernel version and if Xe driver is loaded: uname -r && lsmod | grep xe

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version is updated and check dmesg for absence of UBSAN shift-out-of-bounds warnings related to Xe

📡 Detection & Monitoring

Log Indicators:

UBSAN: shift-out-of-bounds in ./include/linux/log2.h
Kernel panic or oops messages related to Xe driver
System crashes during graphics operations

Network Indicators:

None - this is a local kernel vulnerability

SIEM Query:

source="kernel" AND ("UBSAN: shift-out-of-bounds" OR "xe_gt_tlb_invalidation_range" OR "xe_exec_system")

📊 Metadata

CVE ID: CVE-2025-37761

CVSS v3 Score: 7.1 (HIGH)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

CWE: CWE-125

EPSS Score: 0.02% exploit probability (4.5th percentile)

Published: May 1, 2025

Last Updated: November 6, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-37761, you might also want to check these: