SB2025082079 - Input validation error in Linux kernel boot compressed
Published: August 20, 2025
Description
This security bulletin contains information about 1 security vulnerability.
1) Input validation error (CVE-ID: CVE-2025-38560)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation in the early_set_pages_state() function in arch/x86/kernel/sev.c, the setup_cpuid_table() and pvalidate_pages() functions in arch/x86/kernel/sev-shared.c, the get_cpuflags() function in arch/x86/boot/cpuflags.c, and the __page_state_change() function in arch/x86/boot/compressed/sev.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install the update from the vendor's website.
References
- https://git.kernel.org/stable/c/1fb873971e23c35c53823c62809a474a92bc3022
- https://git.kernel.org/stable/c/1fec416c03d0a64cc21aa04ce4aa14254b017e6a
- https://git.kernel.org/stable/c/7b306dfa326f70114312b320d083b21fa9481e1e
- https://git.kernel.org/stable/c/a762a4c8d9e768b538b3cc60615361a8cf377de8
- https://git.kernel.org/stable/c/aed15fc08f15dbb15822b2a0b653f67e76aa0fdf
- https://git.kernel.org/stable/c/f92af52e6dbd8d066d77beba451e0230482dc45b