1. Home
  2. CVE Database
  3. CVE-2025-0647
HIGH · 7.9

CVE-2025-0647

In certain Arm CPUs, a CPP RCTX instruction executed on one Processing Element (PE) may inhibit TLB invalidation when a TLBI is issued to the PE, either by the same PE or another PE in the shareabilit...

Vulnerability Description

In certain Arm CPUs, a CPP RCTX instruction executed on one Processing Element (PE) may inhibit TLB invalidation when a TLBI is issued to the PE, either by the same PE or another PE in the shareability domain. In this case, the PE may retain stale TLB entries which should have been invalidated by the TLBI.

CVSS Score

7.9

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
NONE

Affected Products

VendorProductVersions
ArmC1-Ultra Firmware-
ArmC1-Ultra-
ArmC1-Premium Firmware-
ArmC1-Premium-
ArmCortex-A710 Firmware-
ArmCortex-A710-
ArmCortex-X2 Firmware-
ArmCortex-X2-
ArmCortex-X3 Firmware-
ArmCortex-X3-
ArmCortex-X4 Firmware-
ArmCortex-X4-
ArmCortex-X925 Firmware-
ArmCortex-X925-
ArmNeoverse-V2 Firmware-
ArmNeoverse-V2-
ArmNeoverse-V3 Firmware-
ArmNeoverse-V3-
ArmNeoverse-V3Ae Firmware-
ArmNeoverse-V3Ae-

Related Weaknesses (CWE)

CWE-226

References

FAQ

What is CVE-2025-0647?

CVE-2025-0647 is a vulnerability with a CVSS score of 7.9 (HIGH). In certain Arm CPUs, a CPP RCTX instruction executed on one Processing Element (PE) may inhibit TLB invalidation when a TLBI is issued to the PE, either by the same PE or another PE in the shareabilit...

How severe is CVE-2025-0647?

CVE-2025-0647 has been rated HIGH with a CVSS base score of 7.9/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2025-0647?

Check the references section above for vendor advisories and patch information. Affected products include: Arm C1-Ultra Firmware, Arm C1-Ultra, Arm C1-Premium Firmware, Arm C1-Premium, Arm Cortex-A710 Firmware.