PT-2025-30134 · Microsoft+8 · Hyper-V+8

Published

2025-06-25

·

Updated

2026-04-20

·

CVE-2025-38351

CVSS v2.0

6.8

Medium

VectorAV:L/AC:L/Au:S/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description The Linux kernel contains a flaw in the KVM component related to handling hypercalls HVCALL FLUSH VIRTUAL ADDRESS LIST and HVCALL FLUSH VIRTUAL ADDRESS LIST EX within KVM guests utilizing Hyper-V hypercalls. The vulnerability occurs when non-canonical Guest Virtual Addresses (GVAs) are passed during a virtual TLB flush request. Specifically, Intel’s INVVPID instruction signals a VM-Fail when processing these non-canonical addresses, leading to a warning. Hyper-V documentation indicates that invalid GVAs should be ignored, and testing confirms this behavior in real Hyper-V environments.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

NULL Pointer Dereference

Weakness Enumeration

CWE-476

Related Identifiers

ALSA-2025:17377
ALSA-2025:18318
BDU:2025-13472
CVE-2025-38351
DSA-5975-1
INFSA-2025_17377
INFSA-2025_21469
OESA-2025-2120
OESA-2025-2121
OESA-2025-2122
OPENSUSE-SU-2025:20081-1
RHSA-2025:18318
RHSA-2025:21469
RHSA-2025_17377
RHSA-2025_21469
SUSE-SU-2025:03600-1
SUSE-SU-2025:03601-1
SUSE-SU-2025:03633-1
SUSE-SU-2025:03634-1
SUSE-SU-2025:20851-1
SUSE-SU-2025:20861-1
SUSE-SU-2025:20870-1
SUSE-SU-2025:20898-1
SUSE-SU-2025:21074-1
SUSE-SU-2025:21139-1
SUSE-SU-2025:21179-1
SUSE-SU-2025:3725-1
SUSE-SU-2025:3751-1
USN-7879-1
USN-7879-2
USN-7879-3
USN-7879-4
USN-7880-1
USN-7934-1
USN-8028-1
USN-8028-2
USN-8028-3
USN-8028-4
USN-8028-5
USN-8028-6
USN-8028-7
USN-8028-8
USN-8031-1
USN-8031-2
USN-8031-3
USN-8052-1
USN-8052-2
USN-8074-1
USN-8074-2
USN-8126-1

Affected Products

Almalinux
Hyper-V
Intel Invvpid
Linuxmint
Linux Kernel
Red Hat
Red Os
Suse
Ubuntu