PT-2025-29056 · Linux+6 · Linux Kernel+6
Published: 2025-07-10 · Updated: 2026-04-20
CVE-2025-38334
CVSS v3.1: 5.5 (Medium)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions:
Linux kernel (affected versions not specified)
Description:
The Linux kernel contains a flaw where the SGX page reclaimer attempts to reclaim poisoned pages. This can lead to a kernel panic, potentially causing system instability. The issue arises because SGX instructions do not handle machine checks gracefully, and the reclaimer logic does not check for poisoned pages before attempting to reclaim them. Reclaiming poisoned pages can trigger microcode operations that cause a core shutdown and subsequent kernel panic. The vulnerability occurs when attempting to encrypt and write the contents of a poisoned EPC page to non-SGX memory.
Recommendations:
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Improper Check for Exceptional Conditions
Related Identifiers
Affected Products
Astra Linux
Debian
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu