Volerion logoVolerion
Volerion logoVolerion

Linux Kernel Poly1305 Register Corruption Vulnerability in No-SIMD Contexts

Vulnerability

A vulnerability in the Linux kernel's Poly1305 implementation for ARM architectures can lead to register corruption when SIMD registers are unavailable. This issue arises because the Poly1305 functions may incorrectly assume that SIMD is usable, causing them to disrupt the registers of other tasks and produce erroneous MAC computations. The vulnerability affects several versions of the Linux kernel.

Impact

The vulnerability can cause register corruption in tasks, leading to incorrect computations in applications that rely on the Poly1305 cryptographic function.

Reproduction

The vulnerability can be reproduced by calling the Poly1305 functions in a no-SIMD context, where the functions should not be used but can be inadvertently called. This will result in the corruption of the task's registers and incorrect MAC calculations.

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been addressed.

Added: Sep 15, 2025, 1:19 PM
Updated: Sep 15, 2025, 9:54 PM

Vulnerability Rating

Custom Algorithm
spread
9.0
impact
2.5
exploitability
5.7
remediation
7.7
relevance
0.5
threat
4.8
urgency
2.9
incentive
1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.