VulnerableCode Vulnerability Details

Staging Environment: Content and features may be unstable or change without notice.

Search for vulnerabilities

Vulnerability details: VCID-z8x2-y92m-ybh4

Essentials
Severities (15)
References (9)
Severity details (12)
Exploits (0)
EPSS
History (1)

Vulnerability ID	VCID-z8x2-y92m-ybh4
Aliases	CVE-2025-37893
Summary	kernel: LoongArch: BPF: Fix off-by-one error in build_prologue()
Status	Published
Exploitability	0.5
Weighted Severity	5.0
Risk	2.5
Affected and Fixed Packages	Package Details

Weaknesses (1)

CWE-193

Off-by-one Error

System	Score	Found at
cvssv3	5.5	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-37893.json
epss	0.00019	https://api.first.org/data/v1/epss?cve=CVE-2025-37893
epss	0.00019	https://api.first.org/data/v1/epss?cve=CVE-2025-37893
epss	0.00019	https://api.first.org/data/v1/epss?cve=CVE-2025-37893
cvssv3.1	5.5	https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3.1	5.5	https://git.kernel.org/stable/c/205a2182c51ffebaef54d643e3745e720cded08b
ssvc	Track	https://git.kernel.org/stable/c/205a2182c51ffebaef54d643e3745e720cded08b
cvssv3.1	5.5	https://git.kernel.org/stable/c/48b904de2408af5f936f0e03f48dfcddeab58aa0
ssvc	Track	https://git.kernel.org/stable/c/48b904de2408af5f936f0e03f48dfcddeab58aa0
cvssv3.1	5.5	https://git.kernel.org/stable/c/7e2586991e36663c9bc48c828b83eab180ad30a9
ssvc	Track	https://git.kernel.org/stable/c/7e2586991e36663c9bc48c828b83eab180ad30a9
cvssv3.1	5.5	https://git.kernel.org/stable/c/b3ffad2f02db4aace6799fe0049508b8925eae45
ssvc	Track	https://git.kernel.org/stable/c/b3ffad2f02db4aace6799fe0049508b8925eae45
cvssv3.1	5.5	https://git.kernel.org/stable/c/c74d95a5679741ef428974ab788f5b0758dc78ae
ssvc	Track	https://git.kernel.org/stable/c/c74d95a5679741ef428974ab788f5b0758dc78ae

Reference id	Reference type	URL
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-37893.json
		https://api.first.org/data/v1/epss?cve=CVE-2025-37893
		https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
205a2182c51ffebaef54d643e3745e720cded08b		https://git.kernel.org/stable/c/205a2182c51ffebaef54d643e3745e720cded08b
2360931		https://bugzilla.redhat.com/show_bug.cgi?id=2360931
48b904de2408af5f936f0e03f48dfcddeab58aa0		https://git.kernel.org/stable/c/48b904de2408af5f936f0e03f48dfcddeab58aa0
7e2586991e36663c9bc48c828b83eab180ad30a9		https://git.kernel.org/stable/c/7e2586991e36663c9bc48c828b83eab180ad30a9
b3ffad2f02db4aace6799fe0049508b8925eae45		https://git.kernel.org/stable/c/b3ffad2f02db4aace6799fe0049508b8925eae45
c74d95a5679741ef428974ab788f5b0758dc78ae		https://git.kernel.org/stable/c/c74d95a5679741ef428974ab788f5b0758dc78ae

No exploits are available.

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-37893.json

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Found at https://git.kernel.org/stable/c/205a2182c51ffebaef54d643e3745e720cded08b

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T16:14:33Z/ Found at https://git.kernel.org/stable/c/205a2182c51ffebaef54d643e3745e720cded08b

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Found at https://git.kernel.org/stable/c/48b904de2408af5f936f0e03f48dfcddeab58aa0

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T16:14:33Z/ Found at https://git.kernel.org/stable/c/48b904de2408af5f936f0e03f48dfcddeab58aa0

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Found at https://git.kernel.org/stable/c/7e2586991e36663c9bc48c828b83eab180ad30a9

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T16:14:33Z/ Found at https://git.kernel.org/stable/c/7e2586991e36663c9bc48c828b83eab180ad30a9

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Found at https://git.kernel.org/stable/c/b3ffad2f02db4aace6799fe0049508b8925eae45

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T16:14:33Z/ Found at https://git.kernel.org/stable/c/b3ffad2f02db4aace6799fe0049508b8925eae45

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Found at https://git.kernel.org/stable/c/c74d95a5679741ef428974ab788f5b0758dc78ae

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T16:14:33Z/ Found at https://git.kernel.org/stable/c/c74d95a5679741ef428974ab788f5b0758dc78ae

Exploit Prediction Scoring System (EPSS)

Percentile	0.0521
EPSS Score	0.00019
Published At	June 5, 2026, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2026-06-04T16:45:27.036639+00:00	RedHat Importer	Import	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-37893.json	38.6.0