CVE-2025-38560 — Time-of-check Time-of-use (TOCTOU) Race Condition in Linux
Severity
5.5MEDIUMNVD
EPSS
0.0%
top 95.98%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedAug 19
Latest updateMar 25
Description
In the Linux kernel, the following vulnerability has been resolved:
x86/sev: Evict cache lines during SNP memory validation
An SNP cache coherency vulnerability requires a cache line eviction
mitigation when validating memory after a page state change to private.
The specific mitigation is to touch the first and last byte of each 4K
page that is being validated. There is no need to perform the mitigation
when performing a page state change to shared and rescinding validation.
CPUID bit Fn8000…
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6
Affected Packages3 packages
▶CVEListV5linux/linux4f9c403e44e5e88feb27d5e617d1adc9cc7ef684 — 1fec416c03d0a64cc21aa04ce4aa14254b017e6a+6
Also affects: Debian Linux 11.0
Patches
🔴Vulnerability Details
3OSV▶
CVE-2025-38560: In the Linux kernel, the following vulnerability has been resolved: x86/sev: Evict cache lines during SNP memory validation An SNP cache coherency vul↗2025-08-19
GHSA▶
GHSA-rcx5-mm72-w6xv: In the Linux kernel, the following vulnerability has been resolved:
x86/sev: Evict cache lines during SNP memory validation
An SNP cache coherency v↗2025-08-19