CVE-2025-39724

EUVD-2025-31503

05.09.2025, 18:15

In the Linux kernel, the following vulnerability has been resolved:

serial: 8250: fix panic due to PSLVERR

When the PSLVERR_RESP_EN parameter is set to 1, the device generates
an error response if an attempt is made to read an empty RBR (Receive
Buffer Register) while the FIFO is enabled.

In serial8250_do_startup(), calling serial_port_out(port, UART_LCR,
UART_LCR_WLEN8) triggers dw8250_check_lcr(), which invokes
dw8250_force_idle() and serial8250_clear_and_reinit_fifos(). The latter
function enables the FIFO via serial_out(p, UART_FCR, p->fcr).
Execution proceeds to the serial_port_in(port, UART_RX).
This satisfies the PSLVERR trigger condition.

When another CPU (e.g., using printk()) is accessing the UART (UART
is busy), the current CPU fails the check (value & ~UART_LCR_SPAR) ==
(lcr & ~UART_LCR_SPAR) in dw8250_check_lcr(), causing it to enter
dw8250_force_idle().

Put serial_port_out(port, UART_LCR, UART_LCR_WLEN8) under the port->lock
to fix this issue.

Panic backtrace:
[    0.442336] Oops - unknown exception [#1]
[    0.442343] epc : dw8250_serial_in32+0x1e/0x4a
[    0.442351]  ra : serial8250_do_startup+0x2c8/0x88e
...
[    0.442416] console_on_rootfs+0x26/0x70

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
siemens-SADP	ADP	5.5 MEDIUM	LOCAL	LOW	LOW	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Base Score

CVSS 3.x

EPSS Score

Percentile: 7%

Affected Products (NVD)

Vendor	Product	Version
linux	linux_kernel	3.10.48 ≤ 𝑥 < 3.11
linux	linux_kernel	3.12.24 ≤ 𝑥 < 5.4.297
linux	linux_kernel	5.5 ≤ 𝑥 < 5.10.241
linux	linux_kernel	5.11 ≤ 𝑥 < 5.15.190
linux	linux_kernel	5.16 ≤ 𝑥 < 6.1.149
linux	linux_kernel	6.2 ≤ 𝑥 < 6.6.103
linux	linux_kernel	6.7 ≤ 𝑥 < 6.12.44
linux	linux_kernel	6.13 ≤ 𝑥 < 6.16.4
debian	debian_linux	11.0

𝑥

= Vulnerable software versions

Early Detection

Affected products identified ahead of NVD analysis through intelligence sources.

Vendor	Product	Version	Source
Siemens	SIMATIC CN 4100	𝑥 < V5.0	ADP
Siemens	SIMATIC S7-1500 CPU 1518-4 PN/DP MFP	V3.1.5 ≤ 𝑥 < *	ADP
Siemens	SIMATIC S7-1500 CPU 1518-4 PN/DP MFP	V3.1.5 ≤ 𝑥 < *	ADP
Siemens	SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP	V3.1.5 ≤ 𝑥 < *	ADP
Siemens	SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP	V3.1.5 ≤ 𝑥 < *	ADP
Siemens	SIPLUS S7-1500 CPU 1518-4 PN/DP MFP	V3.1.5 ≤ 𝑥 < *	ADP
siemens	simatic_cn_4100	𝑥 < 5.0	ADP

Debian Releases

Debian Product

Codename

linux

bookworm	6.1.170-3 fixed
bookworm (security)	6.1.174-1 fixed
bullseye	vulnerable
bullseye (security)	5.10.257-1 fixed
forky	7.0.10-1 fixed
sid	7.0.10-1 fixed
trixie	6.12.86-1 fixed
trixie (security)	6.12.90-2 fixed

linux-6.1

bullseye (security)

6.1.174-1~deb11u1

fixed

openSUSE / SLES Releases

openSUSE Product

Release

cluster-md-kmp-default

suse enterprise server 12 SP5

4.12.14-122.280.1

fixed

dlm-kmp-default

suse enterprise server 12 SP5

4.12.14-122.280.1

fixed

gfs2-kmp-default

suse enterprise server 12 SP5

4.12.14-122.280.1

fixed

kernel-64kb

suse enterprise desktop 15 SP6	6.4.0-150600.23.73.1 fixed
suse enterprise desktop 15 SP7	6.4.0-150700.53.22.1 fixed
suse enterprise sap 15 SP6	6.4.0-150600.23.73.1 fixed
suse enterprise sap 15 SP7	6.4.0-150700.53.22.1 fixed
suse enterprise server 15 SP6	6.4.0-150600.23.73.1 fixed
suse enterprise server 15 SP7	6.4.0-150700.53.22.1 fixed

kernel-azure

suse enterprise sap 15 SP6	6.4.0-150600.8.52.1 fixed
suse enterprise sap 15 SP7	6.4.0-150700.20.18.1 fixed
suse enterprise server 15 SP6	6.4.0-150600.8.52.1 fixed
suse enterprise server 15 SP7	6.4.0-150700.20.18.1 fixed

kernel-default

suse enterprise desktop 15 SP6	6.4.0-150600.23.73.1 fixed
suse enterprise desktop 15 SP7	6.4.0-150700.53.22.1 fixed
suse enterprise sap 15 SP6	6.4.0-150600.23.73.1 fixed
suse enterprise sap 15 SP7	6.4.0-150700.53.22.1 fixed
suse enterprise server 12 SP5	4.12.14-122.280.1 fixed
suse enterprise server 15 SP6	6.4.0-150600.23.73.1 fixed
suse enterprise server 15 SP7	6.4.0-150700.53.22.1 fixed

kernel-default-base

suse enterprise desktop 15 SP6	6.4.0-150600.23.73.1.150600.12.32.1 fixed
suse enterprise desktop 15 SP7	6.4.0-150700.53.22.1.150700.17.15.1 fixed
suse enterprise sap 15 SP6	6.4.0-150600.23.73.1.150600.12.32.1 fixed
suse enterprise sap 15 SP7	6.4.0-150700.53.22.1.150700.17.15.1 fixed
suse enterprise server 12 SP5	4.12.14-122.280.1 fixed
suse enterprise server 15 SP6	6.4.0-150600.23.73.1.150600.12.32.1 fixed
suse enterprise server 15 SP7	6.4.0-150700.53.22.1.150700.17.15.1 fixed

kernel-default-man

suse enterprise server 12 SP5

4.12.14-122.280.1

fixed

kernel-docs

suse enterprise desktop 15 SP6	6.4.0-150600.23.73.1 fixed
suse enterprise desktop 15 SP7	6.4.0-150700.53.22.1 fixed
suse enterprise sap 15 SP6	6.4.0-150600.23.73.1 fixed
suse enterprise sap 15 SP7	6.4.0-150700.53.22.1 fixed
suse enterprise server 15 SP6	6.4.0-150600.23.73.1 fixed
suse enterprise server 15 SP7	6.4.0-150700.53.22.1 fixed

kernel-macros

suse enterprise desktop 15 SP6	6.4.0-150600.23.73.1 fixed
suse enterprise desktop 15 SP7	6.4.0-150700.53.22.1 fixed
suse enterprise sap 15 SP6	6.4.0-150600.23.73.1 fixed
suse enterprise sap 15 SP7	6.4.0-150700.53.22.1 fixed
suse enterprise server 12 SP5	4.12.14-122.280.1 fixed
suse enterprise server 15 SP6	6.4.0-150600.23.73.1 fixed
suse enterprise server 15 SP7	6.4.0-150700.53.22.1 fixed

kernel-obs-build

suse enterprise desktop 15 SP6	6.4.0-150600.23.73.1 fixed
suse enterprise desktop 15 SP7	6.4.0-150700.53.22.1 fixed
suse enterprise sap 15 SP6	6.4.0-150600.23.73.1 fixed
suse enterprise sap 15 SP7	6.4.0-150700.53.22.1 fixed
suse enterprise server 15 SP6	6.4.0-150600.23.73.1 fixed
suse enterprise server 15 SP7	6.4.0-150700.53.22.1 fixed

kernel-source

suse enterprise desktop 15 SP6	6.4.0-150600.23.73.1 fixed
suse enterprise desktop 15 SP7	6.4.0-150700.53.22.1 fixed
suse enterprise sap 15 SP6	6.4.0-150600.23.73.1 fixed
suse enterprise sap 15 SP7	6.4.0-150700.53.22.1 fixed
suse enterprise server 12 SP5	4.12.14-122.280.1 fixed
suse enterprise server 15 SP6	6.4.0-150600.23.73.1 fixed
suse enterprise server 15 SP7	6.4.0-150700.53.22.1 fixed

kernel-source-azure

suse enterprise sap 15 SP6	6.4.0-150600.8.52.1 fixed
suse enterprise sap 15 SP7	6.4.0-150700.20.18.1 fixed
suse enterprise server 15 SP6	6.4.0-150600.8.52.1 fixed
suse enterprise server 15 SP7	6.4.0-150700.20.18.1 fixed

kernel-syms

suse enterprise desktop 15 SP6	6.4.0-150600.23.73.1 fixed
suse enterprise desktop 15 SP7	6.4.0-150700.53.22.1 fixed
suse enterprise sap 15 SP6	6.4.0-150600.23.73.1 fixed
suse enterprise sap 15 SP7	6.4.0-150700.53.22.1 fixed
suse enterprise server 12 SP5	4.12.14-122.280.1 fixed
suse enterprise server 15 SP6	6.4.0-150600.23.73.1 fixed
suse enterprise server 15 SP7	6.4.0-150700.53.22.1 fixed

kernel-syms-azure

suse enterprise sap 15 SP6	6.4.0-150600.8.52.1 fixed
suse enterprise sap 15 SP7	6.4.0-150700.20.18.1 fixed
suse enterprise server 15 SP6	6.4.0-150600.8.52.1 fixed
suse enterprise server 15 SP7	6.4.0-150700.20.18.1 fixed

kernel-zfcpdump

suse enterprise desktop 15 SP6	6.4.0-150600.23.73.1 fixed
suse enterprise desktop 15 SP7	6.4.0-150700.53.22.1 fixed
suse enterprise sap 15 SP6	6.4.0-150600.23.73.1 fixed
suse enterprise sap 15 SP7	6.4.0-150700.53.22.1 fixed
suse enterprise server 15 SP6	6.4.0-150600.23.73.1 fixed
suse enterprise server 15 SP7	6.4.0-150700.53.22.1 fixed

ocfs2-kmp-default

suse enterprise server 12 SP5

4.12.14-122.280.1

fixed

Amazon Linux Releases

Amazon Package

Release

bpftool

Amazon Linux 2023

1:6.1.150-174.273.amzn2023

fixed

bpftool-debuginfo

Amazon Linux 2023

1:6.1.150-174.273.amzn2023

fixed

bpftool6.12

Amazon Linux 2023

1:6.12.46-66.121.amzn2023

fixed

bpftool6.12-debuginfo

Amazon Linux 2023

1:6.12.46-66.121.amzn2023

fixed

kernel

Amazon Linux 2023

1:6.1.150-174.273.amzn2023

fixed

kernel-debuginfo

Amazon Linux 2023

1:6.1.150-174.273.amzn2023

fixed

kernel-debuginfo-common-aarch64

Amazon Linux 2023

1:6.1.150-174.273.amzn2023

fixed

kernel-debuginfo-common-x86_64

Amazon Linux 2023

1:6.1.150-174.273.amzn2023

fixed

kernel-devel

Amazon Linux 2023

1:6.1.150-174.273.amzn2023

fixed

kernel-headers

Amazon Linux 2023

1:6.1.150-174.273.amzn2023

fixed

kernel-libbpf

Amazon Linux 2023

1:6.1.150-174.273.amzn2023

fixed

kernel-libbpf-debuginfo

Amazon Linux 2023

1:6.1.150-174.273.amzn2023

fixed

kernel-libbpf-devel

Amazon Linux 2023

1:6.1.150-174.273.amzn2023

fixed

kernel-libbpf-static

Amazon Linux 2023

1:6.1.150-174.273.amzn2023

fixed

kernel-livepatch-6.1.150-174.273

Amazon Linux 2023

1:1.0-0.amzn2023

fixed

kernel-livepatch-6.12.46-66.121

Amazon Linux 2023

1:1.0-0.amzn2023

fixed

kernel-modules-extra

Amazon Linux 2023

1:6.1.150-174.273.amzn2023

fixed

kernel-modules-extra-common

Amazon Linux 2023

1:6.1.150-174.273.amzn2023

fixed

kernel-tools

Amazon Linux 2023

1:6.1.150-174.273.amzn2023

fixed

kernel-tools-debuginfo

Amazon Linux 2023

1:6.1.150-174.273.amzn2023

fixed

kernel-tools-devel

Amazon Linux 2023

1:6.1.150-174.273.amzn2023

fixed

kernel6.12

Amazon Linux 2023

1:6.12.46-66.121.amzn2023

fixed

kernel6.12-debuginfo

Amazon Linux 2023

1:6.12.46-66.121.amzn2023

fixed

kernel6.12-debuginfo-common-aarch64

Amazon Linux 2023

1:6.12.46-66.121.amzn2023

fixed

kernel6.12-debuginfo-common-x86_64

Amazon Linux 2023

1:6.12.46-66.121.amzn2023

fixed

kernel6.12-devel

Amazon Linux 2023

1:6.12.46-66.121.amzn2023

fixed

kernel6.12-headers

Amazon Linux 2023

1:6.12.46-66.121.amzn2023

fixed

kernel6.12-libbpf

Amazon Linux 2023

1:6.12.46-66.121.amzn2023

fixed

kernel6.12-libbpf-debuginfo

Amazon Linux 2023

1:6.12.46-66.121.amzn2023

fixed

kernel6.12-libbpf-devel

Amazon Linux 2023

1:6.12.46-66.121.amzn2023

fixed

kernel6.12-libbpf-static

Amazon Linux 2023

1:6.12.46-66.121.amzn2023

fixed

kernel6.12-modules-extra

Amazon Linux 2023

1:6.12.46-66.121.amzn2023

fixed

kernel6.12-modules-extra-common

Amazon Linux 2023

1:6.12.46-66.121.amzn2023

fixed

kernel6.12-tools

Amazon Linux 2023

1:6.12.46-66.121.amzn2023

fixed

kernel6.12-tools-debuginfo

Amazon Linux 2023

1:6.12.46-66.121.amzn2023

fixed

kernel6.12-tools-devel

Amazon Linux 2023

1:6.12.46-66.121.amzn2023

fixed

perf

Amazon Linux 2023

1:6.1.150-174.273.amzn2023

fixed

perf-debuginfo

Amazon Linux 2023

1:6.1.150-174.273.amzn2023

fixed

perf6.12

Amazon Linux 2023

1:6.12.46-66.121.amzn2023

fixed

perf6.12-debuginfo

Amazon Linux 2023

1:6.12.46-66.121.amzn2023

fixed

python3-perf

Amazon Linux 2023

1:6.1.150-174.273.amzn2023

fixed

python3-perf-debuginfo

Amazon Linux 2023

1:6.1.150-174.273.amzn2023

fixed

python3-perf6.12

Amazon Linux 2023

1:6.12.46-66.121.amzn2023

fixed

python3-perf6.12-debuginfo

Amazon Linux 2023

1:6.12.46-66.121.amzn2023

fixed

Azure Linux Releases

Azure Package

Release

kernel

Azure Linux 3.0	0:6.6.104.2-1.azl3 fixed
CBL-Mariner 2.0	0:5.15.200.1-1.cm2 fixed

References

https://git.kernel.org/stable/c/0b882f00655afefbc7729c6b5aec86f7a5473a3d

https://git.kernel.org/stable/c/38c0ea484dedb58cb3a4391229933e16be0d1031

https://git.kernel.org/stable/c/68c4613e89f000e8198f9ace643082c697921c9f

https://git.kernel.org/stable/c/7f8fdd4dbffc05982b96caf586f77a014b2a9353

https://git.kernel.org/stable/c/8e2739478c164147d0774802008528d9e03fb802

https://git.kernel.org/stable/c/b8ca8e3f75ede308b4d49a6ca5081460be01bdb5

https://git.kernel.org/stable/c/c826943abf473a3f7260fbadfad65e44db475460

https://git.kernel.org/stable/c/cb7b3633ed749db8e56f475f43c960652cbd6882

https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html

https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html

https://cert-portal.siemens.com/productcert/html/ssa-032379.html

https://cert-portal.siemens.com/productcert/html/ssa-082556.html