CVE-2025-39715: 
CBL Mariner vulnerability analysis and mitigation

CVE-2025-39715 is a vulnerability discovered in the Linux kernel affecting the parisc architecture's gateway LWS (Load Word Speculative) calls. The vulnerability was disclosed on September 5, 2025, and affects various Linux distributions including Ubuntu and Red Hat systems (NVD, Ubuntu).

The vulnerability stems from the way read access support is implemented in the parisc architecture. Read access interruptions are only triggered at privilege levels 2 and 3, while the kernel and gateway page execute at privilege level 0. This implementation flaw allows user code to execute a LWS compare and swap operation at an address that is read protected at privilege level 3 (PRIV_USER). The vulnerability has been assigned a CVSS v3 base score of 5.5, indicating moderate severity (Rapid7).

The vulnerability enables user code to bypass read protection mechanisms, potentially allowing unauthorized access to read-protected memory addresses at privilege level 3. This could lead to information disclosure or privilege escalation in affected systems (NVD).

The fix involves probing read access rights at privilege level 3 and branching to lws_fault if access isn't allowed. Multiple Linux distributions have released patches to address this vulnerability. Ubuntu has marked this as a medium priority issue and is actively working on updates for affected versions (Ubuntu).