CVE-2025-38047 Affecting kernel-debug-modules-internal package, versions *
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk IDSNYK-CENTOS8-KERNELDEBUGMODULESINTERNAL-10416779
- published19 Jun 2025
- disclosed18 Jun 2025
Introduced: 18 Jun 2025
NewCVE-2025-38047 (opens in a new tab)How to fix?
There is no fixed version for Centos:8 kernel-debug-modules-internal.
NVD Description
Note: Versions mentioned in the description apply only to the upstream kernel-debug-modules-internal package and not the kernel-debug-modules-internal package as distributed by Centos.
See How to fix? for Centos:8 relevant fixed versions and status.
In the Linux kernel, the following vulnerability has been resolved:
x86/fred: Fix system hang during S4 resume with FRED enabled
Upon a wakeup from S4, the restore kernel starts and initializes the FRED MSRs as needed from its perspective. It then loads a hibernation image, including the image kernel, and attempts to load image pages directly into their original page frames used before hibernation unless those frames are currently in use. Once all pages are moved to their original locations, it jumps to a "trampoline" page in the image kernel.
At this point, the image kernel takes control, but the FRED MSRs still contain values set by the restore kernel, which may differ from those set by the image kernel before hibernation. Therefore, the image kernel must ensure the FRED MSRs have the same values as before hibernation. Since these values depend only on the location of the kernel text and data, they can be recomputed from scratch.