VDB
DEBIAN-CVE-2025-39694
DEBIAN-CVE-2025-39694
PUBLISHED
CVSS 5.5 MEDIUM
In the Linux kernel, the following vulnerability has been resolved: s390/sclp: Fix SCCB present check Tracing code called by the SCLP interrupt handler contains early exits if the SCCB address associated with an interrupt is NULL. This check is performed after physical to virtual address translation. If the kernel identity mapping does not start at address zero, the resulting virtual address is never zero, so that the NULL checks won't work. Subsequently this may result in incorrect accesses to the first page of the identity mapping. Fix this by introducing a function that handles the NULL case before address translation.
Risk Scores
CVSS v3.1
5.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:11 | linux-6.1 | 0, 6.1.148-1, 6.1.147-1 |
| Debian:13 | linux | 6.12.38-1, 6.12.43-1, 6.12.43-1 |
| Debian:12 | linux | 6.1.106-2, 0, 6.1.106-1 |
| Debian:14 | linux | 6.13~rc7-1~exp1, 6.13~rc6-1~exp1, 6.13.9-1~exp1 |
Timeline
- Sep 5, 2025 CVE Published
- Apr 28, 2026 CVE Updated