CVE-2025-39724
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-09-05

Last updated on: 2025-11-03

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: serial: 8250: fix panic due to PSLVERR When the PSLVERR_RESP_EN parameter is set to 1, the device generates an error response if an attempt is made to read an empty RBR (Receive Buffer Register) while the FIFO is enabled. In serial8250_do_startup(), calling serial_port_out(port, UART_LCR, UART_LCR_WLEN8) triggers dw8250_check_lcr(), which invokes dw8250_force_idle() and serial8250_clear_and_reinit_fifos(). The latter function enables the FIFO via serial_out(p, UART_FCR, p->fcr). Execution proceeds to the serial_port_in(port, UART_RX). This satisfies the PSLVERR trigger condition. When another CPU (e.g., using printk()) is accessing the UART (UART is busy), the current CPU fails the check (value & ~UART_LCR_SPAR) == (lcr & ~UART_LCR_SPAR) in dw8250_check_lcr(), causing it to enter dw8250_force_idle(). Put serial_port_out(port, UART_LCR, UART_LCR_WLEN8) under the port->lock to fix this issue. Panic backtrace: [ 0.442336] Oops - unknown exception [#1] [ 0.442343] epc : dw8250_serial_in32+0x1e/0x4a [ 0.442351] ra : serial8250_do_startup+0x2c8/0x88e ... [ 0.442416] console_on_rootfs+0x26/0x70
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-09-05
Last Modified
2025-11-03
Generated
2026-05-27
AI Q&A
2025-09-05
EPSS Evaluated
2026-05-25
NVD
CVE-2025-39724
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
linux linux_kernel 6.1.153-1
linux linux_kernel 5.10.244-1
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability occurs in the Linux kernel's serial driver (serial 8250). When a specific parameter (PSLVERR_RESP_EN) is set, the device generates an error if it tries to read from an empty receive buffer while the FIFO is enabled. Due to a race condition involving multiple CPUs accessing the UART simultaneously, the kernel can panic because of improper locking around certain serial port operations. The fix involves adding a lock to prevent concurrent access that leads to this panic.


How can this vulnerability impact me? :

This vulnerability can cause the Linux kernel to panic (crash) when the serial port driver encounters a race condition during UART access. This can lead to system instability, unexpected reboots, or denial of service, especially on systems relying on serial communication.


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by monitoring for kernel panic messages related to the serial8250 driver, specifically looking for panic backtraces mentioning dw8250_serial_in32, serial8250_do_startup, or console_on_rootfs. You can check the system logs using commands like 'dmesg | grep -i serial8250' or 'journalctl -k | grep -i serial8250' to identify such panic messages.


What immediate steps should I take to mitigate this vulnerability?

To mitigate this vulnerability, update the Linux kernel to a version where the fix is applied. The fix involves putting serial_port_out(port, UART_LCR, UART_LCR_WLEN8) under the port->lock to prevent the panic caused by concurrent UART access. Until the update is applied, avoid workloads or operations that trigger concurrent UART access that could lead to this panic.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart