Linux Kernel Vulnerability Affecting Hisilicon Acceleration Component
CVE-2025-38158

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 3 July 2025

What is CVE-2025-38158?

A vulnerability within the Linux kernel's handling of Hisilicon acceleration components has been identified, manifesting as incorrect DMA addresses after migration. This issue impacts guest kernel-mode encryption services, leading to failures during operations. The root cause lies in the incorrect assembly of addresses from hardware register data. Additionally, even after initial fixes, migrating guests from older kernel versions to newer ones can result in erroneous data. To mitigate this, a check for an old magic number is necessary to update the DMA address and ensure correct functionality post-migration.

Affected Version(s)

Linux b0eed085903e7758532696d64397901a75bba8ba < 809a9c10274e1bcf6d05f1c0341459a425a4f05f

Linux b0eed085903e7758532696d64397901a75bba8ba

Linux b0eed085903e7758532696d64397901a75bba8ba < 884a76e813178778d271fea59783763d32bb7e72

References

https://git.kernel.org/stable/c/809a9c10274e1bcf6d05f1c03...

https://git.kernel.org/stable/c/f0423873e7aeb69cb68f4e8fa...

https://git.kernel.org/stable/c/884a76e813178778d271fea59...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 3, 2025
Vulnerability Reserved
Apr 16, 2025