PatchSiren cyber security CVE debrief
CVE-2025-39714 Cert Portal CVE debrief
CVE-2025-39714 is a Linux kernel media-driver flaw in usbtv handling that can crash a system when resolution changes while streaming is active. The reported scenario is a TV standard switch from NTSC to PAL during streaming, which increases the resolution in the driver state without resizing the video buffer, leading to an overflow and a crash. The published fix locks resolution changes while streaming and uses vb2_is_busy instead of vb2_is_streaming.
- Vendor: Cert Portal
- Product: Siemens SIMATIC CN 4100 vers:intdot/<5.0
- CVSS: MEDIUM 5.5
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-05-12
- Original CVE updated: 2026-05-14
- Advisory published: 2026-05-12
- Advisory updated: 2026-05-14
Who should care
Linux kernel maintainers, embedded and OT vendors that ship the affected media stack, operators of devices that expose the usbtv/video-capture path, and defenders responsible for systems that can have video standards changed while streaming is active. The supplied advisory metadata also maps this CVE to Siemens SIMATIC CN 4100 vers:intdot/<5.0, so Siemens users should verify whether their deployed build is in scope.
Technical summary
The issue is an availability problem in the usbtv driver path. When one process is streaming and another changes the TV standard, the driver can raise the expected resolution without adjusting the plane buffer size, causing a copy past the mapped buffer and a kernel crash. The supplied CVSS vector is AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H, indicating a locally reachable, low-privilege crash condition with high availability impact.
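The following C program is an added userspace model of the defect class described above, not the usbtv driver's own code. It models a capture device whose frame buffer is sized when buffers are allocated, and compares three standard-change handlers: one with no guard, one that refuses only while streaming (the vb2_is_streaming-style check), and one that refuses whenever the queue owns buffers (the vb2_is_busy-style check the fix adopts). Field names, the 16-bit-per-pixel frame size, and the NTSC/PAL line counts are assumptions of the model; the frame delivery step reports an out-of-bounds copy as an error instead of performing it.

```c
#include <errno.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed geometry: 720x480 for NTSC, 720x576 for PAL (model values). */
enum tv_std { STD_NTSC, STD_PAL };

/* Hypothetical device state; names are illustrative, not the driver's. */
struct capture_dev {
    enum tv_std std;
    unsigned int width, height;
    size_t buf_len;      /* bytes mapped per frame when buffers were allocated */
    uint8_t *buf;
    bool bufs_allocated; /* analogue of vb2_is_busy(): queue owns buffers      */
    bool streaming;      /* analogue of vb2_is_streaming(): STREAMON is active */
};

static void std_geometry(enum tv_std std, unsigned int *w, unsigned int *h)
{
    *w = 720;
    *h = (std == STD_PAL) ? 576 : 480;
}

static size_t frame_bytes(unsigned int w, unsigned int h)
{
    return (size_t)w * h * 2; /* assumed 16 bits per pixel */
}

/* REQBUFS analogue: buffers are sized for the geometry current at this moment. */
static int alloc_buffers(struct capture_dev *dev)
{
    free(dev->buf);
    dev->buf_len = frame_bytes(dev->width, dev->height);
    dev->buf = calloc(dev->buf_len, 1);
    if (!dev->buf) return -ENOMEM;
    dev->bufs_allocated = true;
    return 0;
}

/* No guard: geometry changes regardless of queue state (the crash scenario). */
static int set_std_unchecked(struct capture_dev *dev, enum tv_std std)
{
    dev->std = std;
    std_geometry(std, &dev->width, &dev->height);
    return 0;
}

/* Streaming-only guard: a change between buffer allocation and STREAMON
 * still slips through, leaving buffers sized for the old geometry. */
static int set_std_streaming_check(struct capture_dev *dev, enum tv_std std)
{
    if (dev->streaming) return -EBUSY;
    return set_std_unchecked(dev, std);
}

/* Busy guard (the fix direction): refuse while the queue owns any buffers. */
static int set_std_busy_check(struct capture_dev *dev, enum tv_std std)
{
    if (dev->bufs_allocated) return -EBUSY;
    return set_std_unchecked(dev, std);
}

/* Frame delivery. Returns 0 when the current geometry fits the mapped buffer
 * and -EOVERFLOW when a copy would run past it. The real driver performed the
 * copy without this check, which is why the mismatch became a kernel crash. */
static int deliver_frame(struct capture_dev *dev)
{
    size_t need = frame_bytes(dev->width, dev->height);
    if (!dev->buf || need > dev->buf_len) return -EOVERFLOW;
    memset(dev->buf, 0xAA, need); /* stand-in for the per-line copy */
    return 0;
}

/* Scenario from the advisory text: buffers sized for NTSC, a second process
 * switches the standard to PAL, then a frame is delivered. The ioctl result
 * is ignored because the streaming process never sees it. */
static int run_scenario(int (*set_std)(struct capture_dev *, enum tv_std),
                        bool start_streaming)
{
    struct capture_dev dev = { .std = STD_NTSC };
    std_geometry(STD_NTSC, &dev.width, &dev.height);
    if (alloc_buffers(&dev)) return -ENOMEM;
    dev.streaming = start_streaming;
    (void)set_std(&dev, STD_PAL);
    int rc = deliver_frame(&dev);
    free(dev.buf);
    return rc;
}

int main(void)
{
    printf("unchecked, streaming:        %d\n", run_scenario(set_std_unchecked, true));
    printf("streaming check, streaming:  %d\n", run_scenario(set_std_streaming_check, true));
    printf("streaming check, allocated:  %d\n", run_scenario(set_std_streaming_check, false));
    printf("busy check, allocated:       %d\n", run_scenario(set_std_busy_check, false));
    return 0;
}
```

The third case is the one that motivates the vb2_is_busy check: vb2_is_busy reports a queue that has buffers allocated even before streaming starts, so a geometry change in the window between buffer allocation and STREAMON is also refused, whereas a streaming-only check lets it through and the mismatch surfaces on the first delivered frame.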
Defensive priority
Medium. Prioritize remediation on any deployment that exposes the affected media capture path or ships the referenced Siemens package. The risk is primarily denial of service via kernel crash/reboot rather than confidentiality or integrity compromise.
Recommended defensive actions
- Update to V5.0 or later, as specified in the supplied Siemens remediation.
- Inventory systems that use the Linux usbtv media path or the Siemens SIMATIC CN 4100 package referenced in the advisory metadata.
- Restrict who can change TV standards or other capture settings while streaming is active.
- Where possible, serialize access to the capture device so one process cannot reconfigure resolution during an active stream.
- Monitor for unexpected kernel crashes, reboots, or media-subsystem faults on exposed systems.
- Verify whether your vendor has backported the kernel fix if you cannot take the named version update immediately.
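For the monitoring step, the following POSIX shell function is an added example (not from the advisory or any vendor tooling) that scans kernel log text for a fault marker (BUG, Oops, general protection fault) followed within a few lines by a reference to the usbtv module, which is how a driver crash of this kind typically appears in the trace. The sample log lines are constructed for the example and are not from a real system.

```sh
#!/bin/sh
# Read kernel log text on stdin. Print the number of faults whose following
# context (up to 8 lines) names usbtv; details of each match go to stderr.
count_usbtv_faults() {
    awk '
        /BUG:|Oops|general protection fault/ { pending = 8; fault = $0; next }
        pending > 0 && /usbtv/ {
            n++
            print "usbtv-related fault: " fault > "/dev/stderr"
            print "  context: " $0 > "/dev/stderr"
            pending = 0
            next
        }
        pending > 0 { pending-- }
        END { print n + 0 }
    '
}

# Constructed sample: one unrelated fault and one fault whose trace names usbtv.
SAMPLE_LOG='host kernel: usbtv 1-1:1.0: capture device registered as /dev/video0
host kernel: BUG: kernel NULL pointer dereference, address: 0000000000000010
host kernel: RIP: 0010:example_net_driver_poll+0x1a/0x40
host kernel: Call Trace:
host kernel: BUG: unable to handle page fault for address: ffffc90000abc000
host kernel: RIP: 0010:usbtv_example_copy+0x5c/0x120
host kernel: Call Trace:'

printf '%s\n' "$SAMPLE_LOG" | count_usbtv_faults
```

Feed it live data with `journalctl -k | count_usbtv_faults` or `dmesg | count_usbtv_faults`; a non-zero count on a system that exposes the capture path is worth correlating with standard or format changes made around the same time.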
Evidence notes
The supplied source description states: "When a program is streaming (ffplay) and another program (qv4l2) changes the TV standard from NTSC to PAL, the kernel crashes due to trying to copy to unmapped memory." It also states the fix direction: "call vb2_is_busy instead of vb2_is_streaming." The source item is a CISA CSAF republishing of Siemens ProductCERT advisory SSA-032379, with publication date 2026-05-12 and modification/republication on 2026-05-14. The advisory metadata associates the CVE with Siemens SIMATIC CN 4100 vers:intdot/<5.0, but the vulnerability text itself describes a Linux kernel usbtv driver issue; that product-scope mapping should be treated as advisory metadata and verified in deployment context.
Official resources
- CVE-2025-39714 CVE record (CVE.org)
- CVE-2025-39714 NVD detail (NVD)
- Source item URL (cisa_csaf)
- Source reference (Reference)
Publicly disclosed in the supplied advisory on 2026-05-12 and republished/updated on 2026-05-14.