Concurrency Management Flaw in Linux Kernel s390/ism Driver
CVE-2025-39726
What is CVE-2025-39726?
The Linux kernel's s390/ism driver fails to enforce the requirement of processing only one request-response sequence at a time per ISM function. This oversight can lead to multiple commands being issued simultaneously, risking data corruption and erroneous execution. Specific workloads may trigger the ISM functions to enter an error state, indicated by logging errors such as PEC 2, which can disable recovery mechanisms. The absence of synchronization means that commands could overlap, causing invalid data usage, command loss, or execution of incorrect commands altogether, thus jeopardizing system reliability and functionality.
Affected Version(s)
Linux 684b89bc39ce4f204b1a2b180f39f2eb36a6b695
Linux 684b89bc39ce4f204b1a2b180f39f2eb36a6b695 < 1194ad0d44d66b273a02a3a22882dc863a68d764
Linux 684b89bc39ce4f204b1a2b180f39f2eb36a6b695