Linux Kernel Vulnerability Affecting Insn_rw_emulate_bits Functionality

CVE-2025-39686

What is CVE-2025-39686?

In the Linux kernel, a functionality flaw has been detected in the insn_rw_emulate_bits() function. This function is designed to serve as a default handler for INSN_READ and INSN_WRITE instructions for subdevices that utilize INSN_BITS without having specific handlers for these instructions. Currently, the implementation is limited, handling only a single sample despite the potential for multiple samples as indicated by the insn->n value. This can lead to kernel-information leak errors, particularly when insn->n is greater than one. The flaw necessitates an update to ensure that insn_rw_emulate_bits() appropriately processes multiple samples or returns an error, thereby aligning with the expected operations for instruction handling.

References