CVE-2025-38508

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)

Description: The Linux kernel contains a flaw related to Secure TSC frequency calculation in SEV-SNP VMs. The GUEST TSC FREQ MSR reports a frequency based on the nominal P0 frequency, which deviates from the actual mean TSC frequency. This discrepancy accumulates over time, causing clock skew between the hypervisor and the guest VM, leading to early timer interrupts. The guest kernel relies on the reported nominal frequency for timekeeping, while the actual frequency may differ, resulting in inaccurate time calculations. The issue is addressed by utilizing the TSC FACTOR from the SEV firmware's secrets page to calculate the mean TSC frequency, ensuring accurate timekeeping. The fix also involves using early ioremap encrypted() to map the secrets page.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.