CVE-2025-39939

*** Pendiente de traducción *** In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> iommu/s390: Fix memory corruption when using identity domain<br /> <br /> zpci_get_iommu_ctrs() returns counter information to be reported as part<br /> of device statistics; these counters are stored as part of the s390_domain.<br /> The problem, however, is that the identity domain is not backed by an<br /> s390_domain and so the conversion via to_s390_domain() yields a bad address<br /> that is zero&amp;#39;d initially and read on-demand later via a sysfs read.<br /> These counters aren&amp;#39;t necessary for the identity domain; just return NULL<br /> in this case.<br /> <br /> This issue was discovered via KASAN with reports that look like:<br /> BUG: KASAN: global-out-of-bounds in zpci_fmb_enable_device<br /> when using the identity domain for a device on s390.