CVE-2025-39694: 
Linux Kernel vulnerability analysis and mitigation

CVE-2025-39694 is a vulnerability discovered in the Linux kernel affecting the s390/sclp subsystem, specifically related to the SCCB (Service-Call Control Block) present check functionality. The vulnerability was disclosed on September 5, 2025, and involves incorrect handling of NULL checks in the SCLP interrupt handler (NVD).

The vulnerability exists in the tracing code called by the SCLP interrupt handler, which contains early exits if the SCCB address associated with an interrupt is NULL. The check is performed after physical to virtual address translation. When the kernel identity mapping does not start at address zero, the resulting virtual address is never zero, causing the NULL checks to fail. This can lead to incorrect accesses to the first page of the identity mapping (NVD, Rapid7).

The vulnerability has been assigned a CVSS score of 7.0, indicating a moderate severity level. The incorrect handling of NULL checks can result in improper access to the first page of the identity mapping, potentially leading to system instability or unauthorized memory access (Rapid7).

The issue has been resolved by introducing a function that handles the NULL case before address translation. A fix has been implemented in the Linux kernel, and affected systems should be updated with the latest security patches (NVD).