Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2025-10263
PUBLISHED
More InfoOfficial Page
Assigner-Arm
Assigner Org ID-56a131ea-b967-4a0d-a41e-5f3549952846
View Known Exploited Vulnerability (KEV) details
Published At-09 Jun, 2026 | 09:23
Updated At-03 Jul, 2026 | 12:05
Rejected At-
▼CVE Numbering Authority (CNA)

Arm C1-Ultra, C1-Premium, Neoverse V3 & V3AE, Neoverse V2, Neoverse V1, Neoverse-N2, Neoverse-N1, Cortex-X925, Cortex-X4, Cortex-X3, Cortex-X2, Cortex-X1 & X1C, Cortex-A710, Cortex-A78, A78AE & A78C, Cortex-A77, Cortex-A76 & A76A may allow writes to resources owned by a higher exception level.

Affected Products
Vendor
Arm LimitedArm
Product
C1-Ultra
Default Status
unaffected
Versions
Affected
  • 0
Vendor
Arm LimitedArm
Product
C1-Premium
Default Status
unaffected
Versions
Affected
  • 0
Vendor
Arm LimitedArm
Product
Neoverse V3
Default Status
unaffected
Versions
Affected
  • 0
Vendor
Arm LimitedArm
Product
Neoverse V3AE
Default Status
unaffected
Versions
Affected
  • 0
Vendor
Arm LimitedArm
Product
Neoverse V1
Default Status
unaffected
Versions
Affected
  • 0
Vendor
Arm LimitedArm
Product
Neoverse N2
Default Status
unaffected
Versions
Affected
  • 0
Vendor
Arm LimitedArm
Product
Neoverse N1
Default Status
unaffected
Versions
Affected
  • 0
Vendor
Arm LimitedArm
Product
Cortex-X925
Default Status
unaffected
Versions
Affected
  • 0
Vendor
Arm LimitedArm
Product
Cortex-X4
Default Status
unaffected
Versions
Affected
  • 0
Vendor
Arm LimitedArm
Product
Cortex-X3
Default Status
unaffected
Versions
Affected
  • 0
Vendor
Arm LimitedArm
Product
Cortex-X2
Default Status
unaffected
Versions
Affected
  • 0
Vendor
Arm LimitedArm
Product
Cortex-X1
Default Status
unaffected
Versions
Affected
  • 0
Vendor
Arm LimitedArm
Product
Cortex-X1C
Default Status
unaffected
Versions
Affected
  • 0
Vendor
Arm LimitedArm
Product
Cortex-A710
Default Status
unaffected
Versions
Affected
  • 0
Vendor
Arm LimitedArm
Product
Cortex-A78
Default Status
unaffected
Versions
Affected
  • 0
Vendor
Arm LimitedArm
Product
Cortex-A78AE
Default Status
unaffected
Versions
Affected
  • 0
Vendor
Arm LimitedArm
Product
Cortex-A78C
Default Status
unaffected
Versions
Affected
  • 0
Vendor
Arm LimitedArm
Product
Cortex-A77
Default Status
unaffected
Versions
Affected
  • 0
Vendor
Arm LimitedArm
Product
Cortex-A76
Default Status
unaffected
Versions
Affected
  • 0
Vendor
Arm LimitedArm
Product
Cortex-A76AE
Default Status
unaffected
Versions
Affected
  • 0
Problem Types
TypeCWE IDDescription
CWECWE-362CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
Type: CWE
CWE ID: CWE-362
Description: CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://developer.arm.com/documentation/112137
N/A
Hyperlink: https://developer.arm.com/documentation/112137
Resource: N/A
▼Authorized Data Publishers (ADP)
1. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
http://xenbits.xen.org/xsa/advisory-493.html
N/A
http://www.openwall.com/lists/oss-security/2026/06/09/13
N/A
Hyperlink: http://xenbits.xen.org/xsa/advisory-493.html
Resource: N/A
Hyperlink: http://www.openwall.com/lists/oss-security/2026/06/09/13
Resource: N/A
2. CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
3.19.1CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Version: 3.1
Base score: 9.1
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
3. kernel: Arm Processors: Privilege escalation or information disclosure via writes to higher exception level resources

A flaw was found in the Linux kernel on ARM processors. A race condition in Translation Lookaside Buffer Invalidation (TLBI) operations during memory permission changes allows a local attacker to write to memory resources owned by higher privilege levels. This could allow an unprivileged local attacker to gain kernel privileges or a guest VM to escape to the hypervisor, resulting in complete system compromise.

Affected Products
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux AppStream (v. 10)
CPEs
  • cpe:/o:redhat:enterprise_linux:10.2
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux BaseOS (v. 10)
CPEs
  • cpe:/o:redhat:enterprise_linux:10.2
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)
CPEs
  • cpe:/o:redhat:enterprise_linux:10.2
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux Real Time for NFV (v. 10)
CPEs
  • cpe:/o:redhat:enterprise_linux:10.2
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux Real Time (v. 10)
CPEs
  • cpe:/o:redhat:enterprise_linux:10.2
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 10
CPEs
  • cpe:/o:redhat:enterprise_linux:10
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 8
CPEs
  • cpe:/o:redhat:enterprise_linux:8
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 9
CPEs
  • cpe:/o:redhat:enterprise_linux:9
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux for NVIDIA 26
CPEs
  • cpe:/a:redhat:enterprise_linux_nvidia:
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 6
CPEs
  • cpe:/o:redhat:enterprise_linux:6
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 7
CPEs
  • cpe:/o:redhat:enterprise_linux:7
Default Status
unaffected
Problem Types
TypeCWE IDDescription
CWECWE-266Incorrect Privilege Assignment
Type: CWE
CWE ID: CWE-266
Description: Incorrect Privilege Assignment
Metrics
VersionBase scoreBase severityVector
3.18.4HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N
Version: 3.1
Base score: 8.4
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N
Metrics Other Info
Red Hat severity rating
value:
Important
namespace:
https://access.redhat.com/security/updates/classification/
Impacts
CAPEC IDDescription
Solutions

RHSA-2026:34911: Red Hat Enterprise Linux AppStream (v. 10), Red Hat Enterprise Linux BaseOS (v. 10), Red Hat Enterprise Linux CodeReady Linux Builder (v. 10), Red Hat Enterprise Linux Real Time (v. 10), Red Hat Enterprise Linux Real Time for NFV (v. 10)

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Reported to Red Hat.2026-06-09 11:01:37
Made public.2026-06-09 09:23:18
Event: Reported to Red Hat.
Date: 2026-06-09 11:01:37
Event: Made public.
Date: 2026-06-09 09:23:18
Replaced By

Rejected Reason

References
HyperlinkResource
https://access.redhat.com/security/cve/CVE-2025-10263
vdb-entry
x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2486958
issue-tracking
x_refsource_REDHAT
https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-10263.json
x_sadp-csaf-vex
https://access.redhat.com/errata/RHSA-2026:34911
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/security/cve/CVE-2025-10263
Resource:
vdb-entry
x_refsource_REDHAT
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=2486958
Resource:
issue-tracking
x_refsource_REDHAT
Hyperlink: https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-10263.json
Resource:
x_sadp-csaf-vex
Hyperlink: https://access.redhat.com/errata/RHSA-2026:34911
Resource:
vendor-advisory
x_refsource_REDHAT
Details not found