CVE-2025-39715Linux vulnerability

21 documents8 sources
Severity
5.5MEDIUMNVD
EPSS
0.0%
top 95.98%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedSep 5
Latest updateMar 25

Description

In the Linux kernel, the following vulnerability has been resolved: parisc: Revise gateway LWS calls to probe user read access We use load and stbys,e instructions to trigger memory reference interruptions without writing to memory. Because of the way read access support is implemented, read access interruptions are only triggered at privilege levels 2 and 3. The kernel and gateway page execute at privilege level 0, so this code never triggers a read access interruption. Thus, it is currently

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages3 packages

NVDlinux/linux_kernel5.176.1.149+3
Debianlinux/linux_kernel< 6.1.153-1+2
CVEListV5linux/linuxd0585d742ff2d82accd26c661c60a6d260429c4ae8b496c52aa0c6572d88db7cab85aeea6f9c194d+5

Also affects: Debian Linux 11.0

Patches

Patch: git.kernel.orgPatch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

3
GHSA
GHSA-whrv-v478-pw4q: In the Linux kernel, the following vulnerability has been resolved: parisc: Revise gateway LWS calls to probe user read access We use load and stbys2025-09-05
CVEList
parisc: Revise gateway LWS calls to probe user read access2025-09-05
OSV
CVE-2025-39715: In the Linux kernel, the following vulnerability has been resolved: parisc: Revise gateway LWS calls to probe user read access We use load and stbys,e2025-09-05

📋Vendor Advisories

17
Ubuntu
Linux kernel (Azure) vulnerabilities2026-03-25
Ubuntu
Linux kernel (Azure) vulnerabilities2026-03-04
Ubuntu
Linux kernel (Azure FIPS) vulnerabilities2026-03-04
Ubuntu
Linux kernel (Xilinx) vulnerabilities2026-02-24
Ubuntu
Linux kernel (IBM) vulnerabilities2026-02-24
CVE-2025-39715 — Linux vulnerability | cvebase