Wiz
Vulnerability DatabaseCVE-2025-38047

CVE-2025-38047
Linux Kernel vulnerability analysis and mitigation

Overview

A vulnerability in the Linux kernel has been identified and assigned CVE-2025-38047, specifically affecting the x86/fred component during S4 resume operations with FRED enabled. The issue was disclosed on June 18, 2025, and involves system hang conditions during the S4 resume process (NVD).

Technical details

The vulnerability occurs when the system wakes up from S4 sleep state. During this process, the restore kernel initializes FRED MSRs (Model-Specific Registers) and loads a hibernation image. The issue arises when the image kernel takes control, as the FRED MSRs still contain values set by the restore kernel, which may differ from those set by the image kernel before hibernation. The vulnerability manifests in the handling of these MSR values during the transition between restore and image kernels (NVD).

Impact

When exploited, this vulnerability can cause a system hang during the S4 resume process on systems with FRED enabled. This primarily affects system availability by preventing successful resume operations from hibernation (NVD).

Mitigation and workarounds

The vulnerability has been resolved in the Linux kernel. The fix involves ensuring that the image kernel recomputes the FRED MSR values from scratch upon resuming, as these values depend only on the location of the kernel text and data (NVD).

Additional resources

SourceThis report was generated using AI

Free Vulnerability Assessment

Benchmark your Cloud Security Posture

Evaluate your cloud security practices across 9 security domains to benchmark your risk level and identify gaps in your defenses.

Request assessment

Additional Wiz resources

Cloud Vulnerability DB

Cloud Vulnerability DB

An open project to list all known cloud vulnerabilities and Cloud Service Provider security issues

Cloud threat landscape

Cloud threat landscape

A comprehensive threat intelligence database of cloud security incidents, actors, tools and techniques

PEACH

PEACH

A step-by-step framework for modeling and improving SaaS and PaaS tenant isolation

Get a personalized demo

Ready to see Wiz in action?

“Best User Experience I have ever seen, provides full visibility to cloud workloads.”
David EstlickCISO
“Wiz provides a single pane of glass to see what is going on in our cloud environments.”
Adam FletcherChief Security Officer
“We know that if Wiz identifies something as critical, it actually is.”
Greg PoniatowskiHead of Threat and Vulnerability Management
Get a demo