PatchSiren cyber security CVE debrief
CVE-2025-39683 Cert Portal CVE debrief
CVE-2025-39683 describes a Linux kernel tracing bug in ftrace filter parsing that can lead to a slab out-of-bounds read when an overly long string is written to set_ftrace_filter. The advisory states that trace_get_user can fail on input longer than FTRACE_BUFF_MAX without terminating parser->buffer, allowing later parsing in ftrace_regex_release/ftrace_process_regex to read past the buffer. The sourced advisory package associates the fix with Siemens SIMATIC CN 4100 versions earlier than 5.0 and recommends updating to V5.0 or later.
- Vendor: Cert Portal
- Product: Siemens SIMATIC CN 4100 vers:intdot/<5.0
- CVSS: HIGH 7.1
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-05-12
- Original CVE updated: 2026-05-14
- Advisory published: 2026-05-12
- Advisory updated: 2026-05-14
Who should care
Administrators and operators responsible for Siemens SIMATIC CN 4100 devices, especially those running versions earlier than 5.0, should prioritize review. Linux kernel maintainers and system teams using tracing/ftrace features should also note the underlying kernel memory-safety issue, particularly in environments where local users can interact with the affected interface.
Technical summary
The source describes an out-of-bounds read in Linux kernel tracing code. If a write to set_ftrace_filter exceeds FTRACE_BUFF_MAX, trace_get_user fails but does not properly terminate parser->buffer. Later cleanup/parsing paths can call strsep on an unterminated buffer, leading to a KASAN-detected slab-out-of-bounds read. The advisory lists CVSS 3.1 vector AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H, indicating local exploitation conditions and potential confidentiality and availability impact.
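The failure mode described above can be reproduced safely in user space. The following is an added example, not kernel code and not the upstream patch: the struct, the function names and the BUFF_MAX value are hypothetical stand-ins, and the hardened path shown (terminate and discard on error) is one possible correction, assumed for illustration.

```c
#include <stdio.h>
#include <string.h>
#define BUFF_MAX 16 /* stand-in for FTRACE_BUFF_MAX; the value is an assumption */
struct parser {     /* hypothetical user-space model, not the kernel struct */
    char buffer[BUFF_MAX + 1];
    size_t idx;
};

/* Model a recycled slab object: every byte holds stale, non-NUL data. */
void parser_init_stale(struct parser *p)
{
    memset(p->buffer, 'A', sizeof(p->buffer));
    p->idx = 0;
}

/* harden=0 models the flawed error path; harden=1 terminates before failing. */
int parser_fill(struct parser *p, const char *in, size_t len, int harden)
{
    for (size_t i = 0; i < len; i++) {
        if (p->idx >= BUFF_MAX) {
            if (harden) {       /* discard partial input, leave "" behind */
                p->idx = 0;
                p->buffer[0] = '\0';
            }
            return -1;          /* harden=0: no terminator was written */
        }
        p->buffer[p->idx++] = in[i];
    }
    p->buffer[p->idx] = '\0';
    return 0;
}

/* Bounded check: with no NUL in the allocation, strsep() would overrun it. */
int buffer_is_terminated(const struct parser *p)
{
    return memchr(p->buffer, '\0', sizeof(p->buffer)) != NULL;
}

int main(void)
{
    struct parser p;
    char in[BUFF_MAX + 8];      /* constructed overlong input */
    memset(in, 'x', sizeof(in));
    for (int harden = 0; harden <= 1; harden++) {
        parser_init_stale(&p);
        int ret = parser_fill(&p, in, sizeof(in), harden);
        printf("harden=%d ret=%d terminated=%d\n", harden, ret, buffer_is_terminated(&p));
    }
    return 0;
}
```

Both variants reject the overlong write; only the hardened one leaves a buffer that a later string routine can scan without leaving the allocation.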
Defensive priority
High for affected Siemens SIMATIC CN 4100 deployments and any system exposing the relevant tracing interface to untrusted local users. The vulnerability is locally reachable and rated High (7.1), so patching and exposure review should be handled promptly.
Recommended defensive actions
- Update Siemens SIMATIC CN 4100 to V5.0 or later, per the sourced remediation guidance.
- Review whether any local users or services can write to set_ftrace_filter or otherwise reach the tracing path.
- Limit access to kernel tracing interfaces to trusted administrative accounts only.
- Monitor the cited Siemens/CISA advisory pages for any follow-on clarification or product scope updates.
- Verify whether the device inventory matches the advisory mapping, since the source corpus ties a Linux kernel issue to a Siemens product advisory package.
Evidence notes
The supplied source corpus is a CISA CSAF advisory republished from Siemens ProductCERT, published 2026-05-12 and modified 2026-05-14. The description explicitly attributes the flaw to Linux kernel tracing code and names the failing condition, the affected parsing path, and the KASAN out-of-bounds read. The remediation field states: update to V5.0 or later version. The vendor/product mapping in the corpus is low-confidence and should be verified because the technical description is kernel-centric while the advisory package is Siemens SIMATIC CN 4100.
Official resources
- CVE-2025-39683 CVE record (CVE.org)
- CVE-2025-39683 NVD detail (NVD)
- Source item URL (cisa_csaf)
Published by the sourced advisory on 2026-05-12 and republished by CISA on 2026-05-14. No Known Exploited Vulnerabilities listing is indicated in the supplied enrichment data.