ghsa-wxfj-mrv6-qf72
Vulnerability from github
Published
2025-09-05 18:31
Modified
2025-09-05 18:31
Details

In the Linux kernel, the following vulnerability has been resolved:

s390/sclp: Fix SCCB present check

Tracing code called by the SCLP interrupt handler contains early exits if the SCCB address associated with an interrupt is NULL. This check is performed after physical to virtual address translation.

If the kernel identity mapping does not start at address zero, the resulting virtual address is never zero, so that the NULL checks won't work. Subsequently this may result in incorrect accesses to the first page of the identity mapping.

Fix this by introducing a function that handles the NULL case before address translation.

Show details on source website

To clipboard 

{
  "affected": [],
  "aliases": [
    "CVE-2025-39694"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-09-05T18:15:46Z",
    "severity": null
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/sclp: Fix SCCB present check\n\nTracing code called by the SCLP interrupt handler contains early exits\nif the SCCB address associated with an interrupt is NULL. This check is\nperformed after physical to virtual address translation.\n\nIf the kernel identity mapping does not start at address zero, the\nresulting virtual address is never zero, so that the NULL checks won\u0027t\nwork. Subsequently this may result in incorrect accesses to the first\npage of the identity mapping.\n\nFix this by introducing a function that handles the NULL case before\naddress translation.",
  "id": "GHSA-wxfj-mrv6-qf72",
  "modified": "2025-09-05T18:31:27Z",
  "published": "2025-09-05T18:31:27Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-39694"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/430fa71027b6ac9bb0ce5532b8d0676777d4219a"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/61605c847599fbfdfafe638607841c7d73719081"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/86c2825791c3836a8f77a954b9c5ebe6fab410c5"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/aa5073ac1a2a274812f3b04c278992e68ff67cc7"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/bf83ae3537359af088d6577812ed93113dfbcb7b"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.