CVE-2025-39939

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A flaw exists in the Linux kernel’s iommu/s390 subsystem related to memory corruption when utilizing the identity domain. The zpci get iommu ctrs() function returns counter information intended for device statistics; however, when the identity domain is used, this function attempts to access memory within an uninitialized s390 domain structure, leading to a potential memory corruption issue. The issue was identified through Kernel Address Sanitizer (KASAN) reports during testing. The function zpci fmb enable device is implicated in the reported error.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.