SB2025090884 - Improper error handling in Linux kernel s390 char driver
Published: September 8, 2025
Security Bulletin ID
SB2025090884
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Improper error handling (CVE-ID: CVE-2025-39694)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the sclpint_to_sccb(), __sclp_find_req() and sclp_interrupt_handler() functions in drivers/s390/char/sclp.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/430fa71027b6ac9bb0ce5532b8d0676777d4219a
- https://git.kernel.org/stable/c/61605c847599fbfdfafe638607841c7d73719081
- https://git.kernel.org/stable/c/86c2825791c3836a8f77a954b9c5ebe6fab410c5
- https://git.kernel.org/stable/c/aa5073ac1a2a274812f3b04c278992e68ff67cc7
- https://git.kernel.org/stable/c/bf83ae3537359af088d6577812ed93113dfbcb7b