Wiz
Vulnerability DatabaseCVE-2025-38309

CVE-2025-38309
Linux Ubuntu vulnerability analysis and mitigation

Overview

A vulnerability was identified in the Linux kernel (CVE-2025-38309) related to the drm/xe/vm component, specifically concerning the initialization sequence of xesvminit(). The issue was discovered and disclosed on July 10, 2025, affecting the Linux kernel's memory management functionality (NVD Database).

Technical details

The vulnerability stems from an improper initialization sequence where xesvminit() is called too late in the process. In xevmcloseandput(), the system needs to call xesvmfini(), but during VM creation, this call can occur on the error path before the SVM state is properly initialized. This sequence leads to various system splats followed by a fatal Null Pointer Dereference (NPD) (NVD Database).

Impact

The vulnerability can result in system crashes and potential null pointer dereferences, which could affect the stability and reliability of systems using the affected Linux kernel components (NVD Database).

Mitigation and workarounds

The issue has been resolved by moving the xesvminit() initialization earlier in the sequence. A fix has been implemented and cherry-picked from commit 4f296d77cf49fcb5f90b4674123ad7f3a0676165 (NVD Database).

Additional resources

SourceThis report was generated using AI

Related Linux Ubuntu vulnerabilities:

CVE ID

Severity

Score

Technologies

Component name

CISA KEV exploit

Has fix

Published date

CVE-2025-40343MEDIUM6.4
  • Linux KernelLinux Kernel
  • linux-riscv
NoYesDec 09, 2025
CVE-2025-40342MEDIUM6.4
  • Linux KernelLinux Kernel
  • linux-azure-5.4
NoYesDec 09, 2025
CVE-2025-40340MEDIUM6.4
  • Linux KernelLinux Kernel
  • kernel-rt-64k-debug-kvm
NoYesDec 09, 2025
CVE-2025-40341MEDIUM5.1
  • Linux KernelLinux Kernel
  • kernel-debug-uki-virt-addons
NoYesDec 09, 2025
CVE-2025-40344N/AN/A
  • Linux KernelLinux Kernel
  • rtla
NoYesDec 09, 2025

Free Vulnerability Assessment

Benchmark your Cloud Security Posture

Evaluate your cloud security practices across 9 security domains to benchmark your risk level and identify gaps in your defenses.

Request assessment

Additional Wiz resources

Cloud Vulnerability DB

Cloud Vulnerability DB

A community-led vulnerabilities database

Cloud Threat Landscape

Cloud Threat Landscape

A threat intelligence database

PEACH

PEACH

A tenant isolation framework

Get a personalized demo

Ready to see Wiz in action?

"Best User Experience I have ever seen, provides full visibility to cloud workloads."
David EstlickCISO
"Wiz provides a single pane of glass to see what is going on in our cloud environments."
Adam FletcherChief Security Officer
"We know that if Wiz identifies something as critical, it actually is."
Greg PoniatowskiHead of Threat and Vulnerability Management
Get a demo