AI Sec Watch: A Security Intelligence Platform for AI Systems

Luu, T.J.

CVE-2025-38334: In the Linux kernel, the following vulnerability has been resolved: x86/sgx: Prevent attempts to reclaim poisoned pages

mediumvulnerability

security

Source: NVD/CVE DatabaseJuly 10, 2025CVE-2025-38334

Summary

A vulnerability in the Linux kernel's SGX (Software Guard Extensions, a CPU feature that creates isolated execution areas) allows the system to attempt reclaiming memory pages that are already poisoned (marked as corrupted due to hardware errors). When the kernel tries to reclaim these poisoned pages using special CPU instructions like EWB (encrypt and write back), it can trigger machine check errors that crash the system, because SGX instructions cannot safely handle these hardware errors.

Solution / Mitigation

Call sgx_unmark_page_reclaimable() to remove the affected EPC (Enclave Page Cache) page from sgx_active_page_list when a memory error is detected. This prevents the corrupted page from being considered for reclaiming and stops the system from attempting dangerous operations on it.

Vulnerability Details

CVSS Score

5.5(medium)

EPSS (30-day exploit probability)

EPSS: 0.0%

Classification

Attack SophisticationModerate

Taxonomy References

CWE (Weakness Type)

CWE-754

Original source: https://nvd.nist.gov/vuln/detail/CVE-2025-38334

First tracked: February 15, 2026 at 08:35 PM

Classified by LLM (prompt v3) · confidence: 95%