Bug 2373323 (CVE-2025-38046) - CVE-2025-38046 kernel: xen: Add support for XenServer 6.1 platform device
Summary: CVE-2025-38046 kernel: xen: Add support for XenServer 6.1 platform device
Keywords:
Status: NEW
Alias: CVE-2025-38046
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Product Security DevOps Team
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2025-06-18 10:01 UTC by OSIDB Bzimport
Modified: 2025-06-21 05:16 UTC (History)
4 users (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments (Terms of Use)

Description OSIDB Bzimport 2025-06-18 10:01:35 UTC 
In the Linux kernel, the following vulnerability has been resolved:

xen: Add support for XenServer 6.1 platform device

On XenServer on Windows machine a platform device with ID 2 instead of
1 is used.

This device is mainly identical to device 1 but due to some Windows
update behaviour it was decided to use a device with a different ID.

This causes compatibility issues with Linux which expects, if Xen
is detected, to find a Xen platform device (5853:0001) otherwise code
will crash due to some missing initialization (specifically grant
tables). Specifically from dmesg

    RIP: 0010:gnttab_expand+0x29/0x210
    Code: 90 0f 1f 44 00 00 55 31 d2 48 89 e5 41 57 41 56 41 55 41 89 fd
          41 54 53 48 83 ec 10 48 8b 05 7e 9a 49 02 44 8b 35 a7 9a 49 02
          <8b> 48 04 8d 44 39 ff f7 f1 45 8d 24 06 89 c3 e8 43 fe ff ff
          44 39
    RSP: 0000:ffffba34c01fbc88 EFLAGS: 00010086
    ...

The device 2 is presented by Xapi adding device specification to
Qemu command line.
Comment 1 Avinash Hanwate 2025-06-21 05:15:41 UTC 
Upstream advisory:
https://lore.kernel.org/linux-cve-announce/2025061830-CVE-2025-38046-3356@gregkh/T
Note You need to log in before you can comment on or make changes to this bug.