CVE-2025-39715

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The Linux kernel contains a flaw where user code could potentially execute a Load Word and Swap (LWS) compare and swap operation at a memory address protected against read access at privilege level 3 (PRIV USER). This occurs because read access interruptions are only triggered at privilege levels 2 and 3, while the kernel and gateway page execute at privilege level 0, preventing the triggering of these interruptions. The issue involves using load and stbys,e instructions to trigger memory reference interruptions without writing to memory.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-697

Related Identifiers

AZL-67004

BDU:2025-15545

CVE-2025-39715

DLA-4328-1

DSA-6008-1

DSA-6009-1

ECHO-2E3F-62C4-0C5F

MGASA-2025-0234

MGASA-2025-0235

OESA-2025-2465

OESA-2025-2466

OESA-2025-2467

USN-8028-1

USN-8028-2

USN-8028-3

USN-8028-4

USN-8028-5

USN-8028-6

USN-8028-7

USN-8028-8

USN-8031-1

USN-8031-2

USN-8031-3

USN-8052-1

USN-8052-2

USN-8074-1

USN-8074-2

USN-8126-1

Affected Products

Debian

Linuxmint

Linux Kernel

Ubuntu

CVE-2025-39715

Weakness Enumeration

Related Identifiers

Affected Products

References · 1288