CVE-2025-39726
📋 TL;DR
A concurrency vulnerability in the Linux kernel's s390/ism driver allows multiple CPUs to issue commands simultaneously to the same ISM function, violating hardware requirements. This can cause command corruption, invalid DMA operations, and device error states, affecting Linux systems running on s390x architecture with ISM devices.
💻 Affected Systems
- Linux kernel
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
⚠️ Risk & Real-World Impact
Worst Case
Invalid DMA operations leading to system crashes, data corruption, or denial of service through ISM device failure requiring manual recovery.
Likely Case
ISM functions entering error states (PEC 2/3A) causing connection failures and degraded performance for workloads using ISM devices.
If Mitigated
Reduced performance due to proper synchronization but stable ISM device operation.
🎯 Exploit Status
Exploitation requires local access and specific workload patterns that trigger concurrent ISM commands. No known public exploits.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Kernel versions containing commits: 1194ad0d44d66b273a02a3a22882dc863a68d764, 897e8601b9cff1d054cdd53047f568b0e1995726, faf44487dfc80817f178dc8de7a0b73f960d019b, fafaa4982bedb5532f5952000f714a3e63023f40
Vendor Advisory: https://git.kernel.org/stable/c/1194ad0d44d66b273a02a3a22882dc863a68d764
Restart Required: Yes
Instructions:
1. Update Linux kernel to version containing the fix commits.
2. Reboot system to load new kernel.
3. Verify ISM driver functionality post-update.
🔧 Temporary Workarounds
Limit ISM device usage
s390x
Reduce or avoid workloads that heavily utilize ISM devices to minimize concurrency issues.
🧯 If You Can't Patch
- Monitor system logs for PEC 2/3A errors and manually recover affected ISM functions
- Implement workload scheduling to reduce concurrent ISM operations
🔍 How to Verify
Check if Vulnerable:
Check the kernel version and whether the system is running on s390x with ISM devices. Look for kernel messages containing 'PEC 2' or 'PEC 3A' errors.
Check Version:
uname -r
Verify Fix Applied:
Verify kernel version includes fix commits. Monitor for absence of PEC error messages in logs during ISM workload testing.
📡 Detection & Monitoring
Log Indicators:
- zpci: Event 0x2 reports an error for PCI function
- PEC 2
- PEC 3A
- ism driver bound to the device does not support error recovery
Network Indicators:
- Connection failures for services using ISM devices
SIEM Query:
source="kernel" AND ("PEC 2" OR "PEC 3A" OR ("ism driver" AND "error"))
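The log indicators above can also be counted directly on a host. The shell function below is an added example, not part of this advisory or of the kernel project; the sample log lines are constructed, and the message layout around each indicator string is an assumption.

```bash
#!/usr/bin/env bash
# Added example: count the ISM error indicators listed above in kernel log text.
# Reads log lines on stdin, prints "<label> <count>" per indicator, and
# returns 1 if any indicator matched, 0 if the log is clean.
scan_ism_indicators() {
    awk '
        /Event 0x2 reports an error for PCI function/ { hit["zpci_event_0x2"]++ }
        # Whole-token match, so "PEC 2F" or "PEC 20" is not counted as "PEC 2".
        /(^|[^0-9A-Za-z])PEC 2([^0-9A-Za-z]|$)/  { hit["pec_2"]++ }
        /(^|[^0-9A-Za-z])PEC 3A([^0-9A-Za-z]|$)/ { hit["pec_3a"]++ }
        /ism driver bound to the device does not support error recovery/ {
            hit["ism_no_recovery"]++
        }
        END {
            n = split("zpci_event_0x2 pec_2 pec_3a ism_no_recovery", order, " ")
            total = 0
            for (i = 1; i <= n; i++) {
                printf "%s %d\n", order[i], hit[order[i]] + 0
                total += hit[order[i]]
            }
            exit (total > 0 ? 1 : 0)
        }'
}

# Constructed sample input (not real log output); timestamps, device
# addresses and the "example-monitor" lines are hypothetical.
sample_kernel_log() {
    cat <<'EOF'
[ 1201.100] zpci: 0000:00:00.0: Event 0x2 reports an error for PCI function 0x80
[ 1201.101] zpci: 0000:00:00.0: The ism driver bound to the device does not support error recovery
[ 1350.100] example-monitor: function 0x80 reported PEC 2, recovery needed
[ 1350.200] example-monitor: function 0x81 in error state, PEC 3A
[ 1400.000] example-monitor: PEC 2F is a different code
[ 1500.000] smc: link group established
EOF
}

# Usage on a live system: journalctl -k --no-pager | scan_ism_indicators
```

A non-zero return from `scan_ism_indicators` can drive an alert or a cron-based check on systems that cannot be patched yet.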