Made public today is CVE-2025-10263 as a "critical" security vulnerability affecting many different Arm CPU cores. CVE-2025-10263 could allow for privilege escalation on affected systems due to a specific timing condition during a memory permission change. Fundamentally it comes down to completion of affected memory accesses might not be guaranteed by the completion of a TLBI.

CVE-2025-10263 while assigned last year was only made public today for this issue that can allow writes to resources owned by a higher exception level as a means of achieving privilege escalation. Among the Arm cores affected are the latest C1-Ultra and C1-Premium as well as older cores such as Neoverse V3 & V3AE, Neoverse V2, Neoverse V1, Neoverse N2, and Neoverse N1. Additionally, the Cortex-X925, Cortex-X4, Cortex-X3, Cortex-X2, Cortex-X1 & X1C, Cortex-A710, Cortex-A78, A78AE & A78C, Cortex-A77, Cortex-A76 & A76AE are all affected as well.

The software workaround is that for any software performing TLB invalidation applying to stage 1 or stage 1 and 2 information must perform an additional TLBI and DSB. Details via the [1]Arm bulletin .

[2]This patch series posted today for the Linux kernel address that vulnerability with the necessary mitigation.

Separately, [3]another patch from NVIDIA also confirms that their newest Olympus cores found in the NVIDIA Vera CPU are also affected by this vulnerability and mitigated with that follow-up patch.



[1] https://developer.arm.com/documentation/112137/latest/

[2] https://lore.kernel.org/all/20260609101203.1512409-1-mark.rutland@arm.com/

[3] https://lore.kernel.org/lkml/20260609234044.3945938-1-sdonthineni@nvidia.com/