Linux Kernel up to 6.14.8 xen gnttab_expand initialization

| CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
|---|---|---|
| 5.3 | $0-$5k | 0.00 |
Summary
A vulnerability, which was classified as problematic, has been found in Linux Kernel up to 6.14.8. Impacted is the function gnttab_expand of the component xen. The manipulation leads to initialization.
This vulnerability is referenced as CVE-2025-38046. No exploit is available.
It is advisable to upgrade the affected component.
Details
A vulnerability was found in Linux Kernel up to 6.14.8 and classified as problematic. This issue affects the function gnttab_expand of the component xen. The manipulation with an unknown input leads to a initialization vulnerability. Using CWE to declare the problem leads to CWE-665. The product does not initialize or incorrectly initializes a resource, which might leave the resource in an unexpected state when it is accessed or used. The impact remains unknown. The summary by CVE is:
In the Linux kernel, the following vulnerability has been resolved: xen: Add support for XenServer 6.1 platform device On XenServer on Windows machine a platform device with ID 2 instead of 1 is used. This device is mainly identical to device 1 but due to some Windows update behaviour it was decided to use a device with a different ID. This causes compatibility issues with Linux which expects, if Xen is detected, to find a Xen platform device (5853:0001) otherwise code will crash due to some missing initialization (specifically grant tables). Specifically from dmesg RIP: 0010:gnttab_expand+0x29/0x210 Code: 90 0f 1f 44 00 00 55 31 d2 48 89 e5 41 57 41 56 41 55 41 89 fd 41 54 53 48 83 ec 10 48 8b 05 7e 9a 49 02 44 8b 35 a7 9a 49 02 48 04 8d 44 39 ff f7 f1 45 8d 24 06 89 c3 e8 43 fe ff ff 44 39 RSP: 0000:ffffba34c01fbc88 EFLAGS: 00010086 ... The device 2 is presented by Xapi adding device specification to Qemu command line.
The advisory is shared at git.kernel.org. The identification of this vulnerability is CVE-2025-38046 since 04/16/2025. Technical details are known, but no exploit is available.
Upgrading to version 5.4.294, 5.10.238, 5.15.185, 6.1.141, 6.6.93, 6.12.31 or 6.14.9 eliminates this vulnerability. Applying the patch baedd1ef924d2b04d6223e0e1633e2d84fee6763/5239ba49ad23a2285b4c2d15bec71566d32e0300/7258b92ceff342912945eaaf8787ca3b83dbae21/0fb6c439d265f09785a561fd2c637af567641cab/f5363ffdabc2a281bd0023584944e3d0c25dfcd3/55c3a07c0d96f5328e8fd5ffbf1448b60683f6fd/2356f15caefc0cc63d9cc5122641754f76ef9b25 is able to eliminate this problem. The bugfix is ready for download at git.kernel.org. The best possible mitigation is suggested to be upgrading to the latest version.
The vulnerability is also documented in the vulnerability database at CERT Bund (WID-SEC-2025-1350). If you want to get the best quality for vulnerability data then you always have to consider VulDB.
Affected
- Debian Linux
- Amazon Linux 2
- Red Hat Enterprise Linux
- Ubuntu Linux
- SUSE Linux
- Oracle Linux
- SUSE openSUSE
- Open Source Linux Kernel
- RESF Rocky Linux
- Dell Avamar
- Dell NetWorker
- Dell Secure Connect Gateway
- IBM QRadar SIEM
Product
Type
Vendor
Name
Version
- 5.4.293
- 5.10.237
- 5.15.184
- 6.1.140
- 6.6.0
- 6.6.1
- 6.6.2
- 6.6.3
- 6.6.4
- 6.6.5
- 6.6.6
- 6.6.7
- 6.6.8
- 6.6.9
- 6.6.10
- 6.6.11
- 6.6.12
- 6.6.13
- 6.6.14
- 6.6.15
- 6.6.16
- 6.6.17
- 6.6.18
- 6.6.19
- 6.6.20
- 6.6.21
- 6.6.22
- 6.6.23
- 6.6.24
- 6.6.25
- 6.6.26
- 6.6.27
- 6.6.28
- 6.6.29
- 6.6.30
- 6.6.31
- 6.6.32
- 6.6.33
- 6.6.34
- 6.6.35
- 6.6.36
- 6.6.37
- 6.6.38
- 6.6.39
- 6.6.40
- 6.6.41
- 6.6.42
- 6.6.43
- 6.6.44
- 6.6.45
- 6.6.46
- 6.6.47
- 6.6.48
- 6.6.49
- 6.6.50
- 6.6.51
- 6.6.52
- 6.6.53
- 6.6.54
- 6.6.55
- 6.6.56
- 6.6.57
- 6.6.58
- 6.6.59
- 6.6.60
- 6.6.61
- 6.6.62
- 6.6.63
- 6.6.64
- 6.6.65
- 6.6.66
- 6.6.67
- 6.6.68
- 6.6.69
- 6.6.70
- 6.6.71
- 6.6.72
- 6.6.73
- 6.6.74
- 6.6.75
- 6.6.76
- 6.6.77
- 6.6.78
- 6.6.79
- 6.6.80
- 6.6.81
- 6.6.82
- 6.6.83
- 6.6.84
- 6.6.85
- 6.6.86
- 6.6.87
- 6.6.88
- 6.6.89
- 6.6.90
- 6.6.91
- 6.6.92
- 6.12.0
- 6.12.1
- 6.12.2
- 6.12.3
- 6.12.4
- 6.12.5
- 6.12.6
- 6.12.7
- 6.12.8
- 6.12.9
- 6.12.10
- 6.12.11
- 6.12.12
- 6.12.13
- 6.12.14
- 6.12.15
- 6.12.16
- 6.12.17
- 6.12.18
- 6.12.19
- 6.12.20
- 6.12.21
- 6.12.22
- 6.12.23
- 6.12.24
- 6.12.25
- 6.12.26
- 6.12.27
- 6.12.28
- 6.12.29
- 6.12.30
- 6.14.0
- 6.14.1
- 6.14.2
- 6.14.3
- 6.14.4
- 6.14.5
- 6.14.6
- 6.14.7
- 6.14.8
License
Website
- Vendor: https://www.kernel.org/
CPE 2.3
CPE 2.2
CVSSv4
VulDB Vector: 🔍VulDB Reliability: 🔍
CVSSv3
VulDB Meta Base Score: 5.5VulDB Meta Temp Score: 5.3
VulDB Base Score: 5.5
VulDB Temp Score: 5.3
VulDB Vector: 🔍
VulDB Reliability: 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
VulDB Base Score: 🔍
VulDB Temp Score: 🔍
VulDB Reliability: 🔍
Exploiting
Class: InitializationCWE: CWE-665
CAPEC: 🔍
ATT&CK: 🔍
Physical: No
Local: No
Remote: Partially
Availability: 🔍
Status: Not defined
Price Prediction: 🔍
Current Price Estimation: 🔍
| 0-Day | Unlock | Unlock | Unlock | Unlock |
|---|---|---|---|---|
| Today | Unlock | Unlock | Unlock | Unlock |
Threat Intelligence
Interest: 🔍Active Actors: 🔍
Active APT Groups: 🔍
Countermeasures
Recommended: UpgradeStatus: 🔍
0-Day Time: 🔍
Upgrade: Kernel 5.4.294/5.10.238/5.15.185/6.1.141/6.6.93/6.12.31/6.14.9
Patch: baedd1ef924d2b04d6223e0e1633e2d84fee6763/5239ba49ad23a2285b4c2d15bec71566d32e0300/7258b92ceff342912945eaaf8787ca3b83dbae21/0fb6c439d265f09785a561fd2c637af567641cab/f5363ffdabc2a281bd0023584944e3d0c25dfcd3/55c3a07c0d96f5328e8fd5ffbf1448b60683f6fd/2356f15caefc0cc63d9cc5122641754f76ef9b25
Timeline
04/16/2025 🔍06/18/2025 🔍
06/18/2025 🔍
02/02/2026 🔍
Sources
Vendor: kernel.orgAdvisory: git.kernel.org
Status: Confirmed
CVE: CVE-2025-38046 (🔍)
GCVE (CVE): GCVE-0-2025-38046
GCVE (VulDB): GCVE-100-312845
CERT Bund: WID-SEC-2025-1350 - Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service
Entry
Created: 06/18/2025 12:01Updated: 02/02/2026 06:57
Changes: 06/18/2025 12:01 (58), 10/20/2025 07:50 (7), 02/02/2026 06:57 (1)
Complete: 🔍
Cache ID: 216::103
If you want to get the best quality for vulnerability data then you always have to consider VulDB.
No comments yet. Languages: en.
Please log in to comment.