CVE-2025-39939

UNKNOWN 0.0

iommu/s390: Fix memory corruption when using identity domain

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

In the Linux kernel, the following vulnerability has been resolved: iommu/s390: Fix memory corruption when using identity domain zpci_get_iommu_ctrs() returns counter information to be reported as part of device statistics; these counters are stored as part of the s390_domain. The problem, however, is that the identity domain is not backed by an s390_domain and so the conversion via to_s390_domain() yields a bad address that is zero'd initially and read on-demand later via a sysfs read. These counters aren't necessary for the identity domain; just return NULL in this case. This issue was discovered via KASAN with reports that look like: BUG: KASAN: global-out-of-bounds in zpci_fmb_enable_device when using the identity domain for a device on s390.

Vendor	linux
Product	linux
Ecosystems	Linux Kernel
Industries	Technology
Published	Oct 4, 2025
Last Updated	May 11, 2026

Stay Ahead of the Next One

Get instant alerts for linux linux

Be the first to know when new unknown vulnerabilities affecting linux linux are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Linux / Linux

64af12c6ec3afd7d44bc8b2044eee59f98059087 < 17a58caf3863163c4a84a218a9649be2c8061443 64af12c6ec3afd7d44bc8b2044eee59f98059087 < b3506e9bcc777ed6af2ab631c86a9990ed97b474

Linux / Linux

6.15

References

NVD ↗ CVE.org ↗ EPSS Data ↗

git.kernel.org: https://git.kernel.org/stable/c/17a58caf3863163c4a84a218a9649be2c8061443 git.kernel.org: https://git.kernel.org/stable/c/b3506e9bcc777ed6af2ab631c86a9990ed97b474