SB20250908102 - Input validation error in Linux kernel parisc kernel
Published: September 8, 2025
Security Bulletin ID
SB20250908102
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Input validation error (CVE-ID: CVE-2025-39715)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the 1: ldw 0(), 10: ldw 0() and 1: ldb 0() functions in arch/parisc/kernel/syscall.S. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/8bccf47adbf658293528e86960e6d6f736b1c9f7
- https://git.kernel.org/stable/c/9b6af875baba9c4679b55f4561e201485451305f
- https://git.kernel.org/stable/c/bc0a24c24ceebabb5ba65900e332233d79e625e6
- https://git.kernel.org/stable/c/e8b496c52aa0c6572d88db7cab85aeea6f9c194d
- https://git.kernel.org/stable/c/f6334f4ae9a4e962ba74b026e1d965dfdf8cbef8