Linux Kernel Vulnerability in Serial8250 Component
CVE-2025-39724

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 5 September 2025

What is CVE-2025-39724?

A vulnerability in the Linux kernel's Serial8250 component was identified, where triggering conditions related to PSLVERR_RESP_EN could lead to system instability. If the device tries to read from an empty Receive Buffer Register (RBR) while the FIFO is enabled, it generates an error response. The issue surfaces during the startup sequence of the Serial8250, potentially causing a panic if concurrent CPU access interferes with the UART operation. To mitigate this, it's essential to implement port locking during the write operations to the UART Line Control Register.

Affected Version(s)

Linux c49436b657d0a56a6ad90d14a7c3041add7cf64d < 0b882f00655afefbc7729c6b5aec86f7a5473a3d

Linux c49436b657d0a56a6ad90d14a7c3041add7cf64d

Linux c49436b657d0a56a6ad90d14a7c3041add7cf64d < 68c4613e89f000e8198f9ace643082c697921c9f

References

https://git.kernel.org/stable/c/0b882f00655afefbc7729c6b5...

https://git.kernel.org/stable/c/b8ca8e3f75ede308b4d49a6ca...

https://git.kernel.org/stable/c/68c4613e89f000e8198f9ace6...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 5, 2025
Vulnerability Reserved
Apr 16, 2025