CVE-2025-38158
MEDIUMLinux Kernel 5.18-6.1.141, 6.2-6.6.93, 6.7-6.12.33, 6.13-6.15.2 - DMA Address Error
Title source: llmDescription
In the Linux kernel, the following vulnerability has been resolved: hisi_acc_vfio_pci: fix XQE dma address error The dma addresses of EQE and AEQE are wrong after migration and results in guest kernel-mode encryption services failure. Comparing the definition of hardware registers, we found that there was an error when the data read from the register was combined into an address. Therefore, the address combination sequence needs to be corrected. Even after fixing the above problem, we still have an issue where the Guest from an old kernel can get migrated to new kernel and may result in wrong data. In order to ensure that the address is correct after migration, if an old magic number is detected, the dma address needs to be updated.
References (6)
Core 6
Core References
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html
Scores
CVSS v3
5.5
EPSS
0.0005
EPSS Percentile
16.5%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Details
Status
published
Products (18)
debian/debian_linux
11.0
linux/Kernel
5.18.0 - 6.1.142linux
linux/Kernel
6.13.0 - 6.15.3linux
linux/Kernel
6.2.0 - 6.6.94linux
linux/Kernel
6.7.0 - 6.12.34linux
Linux/Linux
< 5.18
Linux/Linux
5.18
Linux/Linux
6.1.142 - 6.1.*
Linux/Linux
6.12.34 - 6.12.*
Linux/Linux
6.15.3 - 6.15.*
... and 8 more
Published
Jul 03, 2025
Tracked Since
Feb 18, 2026