Acknowledged
Created: Sep 7, 2025
Updated: Sep 9, 2025
Found In Version: 10.23.30.1
Severity: Standard
Applicable for: Wind River Linux LTS 23
Component/s: Kernel
In the Linux kernel, the following vulnerability has been resolved:EOL][EOL]serial: 8250: fix panic due to PSLVERR[EOL][EOL]When the PSLVERR_RESP_EN parameter is set to 1, the device generates[EOL]an error response if an attempt is made to read an empty RBR (Receive[EOL]Buffer Register) while the FIFO is enabled.[EOL][EOL]In serial8250_do_startup(), calling serial_port_out(port, UART_LCR,[EOL]UART_LCR_WLEN8) triggers dw8250_check_lcr(), which invokes[EOL]dw8250_force_idle() and serial8250_clear_and_reinit_fifos(). The latter[EOL]function enables the FIFO via serial_out(p, UART_FCR, p->fcr).[EOL]Execution proceeds to the serial_port_in(port, UART_RX).[EOL]This satisfies the PSLVERR trigger condition.[EOL][EOL]When another CPU (e.g., using printk()) is accessing the UART (UART[EOL]is busy), the current CPU fails the check (value & ~UART_LCR_SPAR) ==[EOL](lcr & ~UART_LCR_SPAR) in dw8250_check_lcr(), causing it to enter[EOL]dw8250_force_idle().[EOL][EOL]Put serial_port_out(port, UART_LCR, UART_LCR_WLEN8) under the port->lock[EOL]to fix this issue.[EOL][EOL]Panic backtrace:[EOL][ 0.442336] Oops - unknown exception [#1][EOL][ 0.442343] epc : dw8250_serial_in32+0x1e/0x4a[EOL][ 0.442351] ra : serial8250_do_startup+0x2c8/0x88e[EOL]...[EOL][ 0.442416] console_on_rootfs+0x26/0x70
CREATE(Triage):(User=admin) [CVE-2025-39724 (https://nvd.nist.gov/vuln/detail/CVE-2025-39724)
