CVE-2025-0647
Last modified
CVE-2025-0647 is a high-severity vulnerability rated 7.9/10 on the CVSS scale. In certain Arm CPUs, a CPP RCTX instruction executed on one Processing Element (PE) may inhibit TLB invalidation when a TLBI is issued to the PE, either by the same PE or another PE in the shareability domain. In this case, the PE may retain stale TLB entries which should have been invalidated by the TLBI.. EPSS estimates a 0.15% chance of exploitation in the next 30 days.
Description
In certain Arm CPUs, a CPP RCTX instruction executed on one Processing Element (PE) may inhibit TLB invalidation when a TLBI is issued to the PE, either by the same PE or another PE in the shareability domain. In this case, the PE may retain stale TLB entries which should have been invalidated by the TLBI.
Metrics
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Arm | C1-Ultra Firmware | All versions |
| Arm | C1-Premium Firmware | All versions |
| Arm | Cortex-A710 Firmware | All versions |
| Arm | Cortex-X2 Firmware | All versions |
| Arm | Cortex-X3 Firmware | All versions |
| Arm | Cortex-X4 Firmware | All versions |
| Arm | Cortex-X925 Firmware | All versions |
| Arm | Neoverse-V2 Firmware | All versions |
| Arm | Neoverse-V3 Firmware | All versions |
| Arm | Neoverse-V3ae Firmware | All versions |
| Arm | Neoverse-N2 Firmware | All versions |
References
- https://developer.arm.com/documentation/111546Vendor Advisory
- https://graph.volerion.com/view?ID=CVE-2025-0647Third Party Advisory
Timeline
- Published
- Last Modified
- Status
- Analyzed
Frequently Asked Questions
What is CVE-2025-0647?
How severe is CVE-2025-0647?
How do I fix CVE-2025-0647?
Are you affected by CVE-2025-0647?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST