PatchSiren cyber security CVE debrief
CVE-2025-39813 Cert Portal CVE debrief
CVE-2025-39813 covers a Linux kernel ftrace race condition that can trigger a WARN_ON_ONCE() in trace_printk_seq() during ftrace_dump when trace_pipe is being read at the same time. According to the supplied advisory metadata, the issue is associated with Siemens SIMATIC CN 4100 versions before 5.0 and was published by CISA on 2026-05-12, with a CISA republication of the Siemens ProductCERT advisory on 2026-05-14. The reported impact is availability-only and is rated Medium in the supplied source.
- Vendor
- Cert Portal
- Product
- Siemens SIMATIC CN 4100 vers:intdot/<5.0
- CVSS
- MEDIUM 5.5
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-05-12
- Original CVE updated
- 2026-05-14
- Advisory published
- 2026-05-12
- Advisory updated
- 2026-05-14
Who should care
Administrators and operators responsible for the affected Siemens SIMATIC CN 4100 environment, as well as Linux kernel maintainers and system owners who rely on ftrace/trace_pipe functionality in impacted builds.
Technical summary
The supplied description says ftrace_dump_one() can race with concurrent trace_pipe readers. If ring buffer data is consumed between trace_empty() and trace_find_next_entry_inc(), the iterator may be reset so that iter.seq.len and iter.seq.size are both 0, while trace_find_next_entry_inc() returns NULL and leaves iter.seq unpopulated. A subsequent trace_printk_seq() call then meets WARN_ON_ONCE(s->seq.len >= s->seq.size), producing a warning. The fix is to move trace_printk_seq() into the block that only executes when trace_find_next_entry_inc() returns non-NULL.
Defensive priority
Medium. The issue is local, affects availability, and can produce kernel warnings rather than confidentiality or integrity compromise. It still deserves prompt patching in operational environments because repeated warnings can affect stability and noisy logs may complicate incident response.
Recommended defensive actions
- Update to V5.0 or later, as stated in the supplied remediation.
- Review the Siemens ProductCERT and CISA advisory references for the exact affected build scope.
- If you operate affected systems, validate whether trace_pipe/ftrace functionality is in use and prioritize maintenance windows for patching.
- Monitor kernel logs for repeated WARN_ON_ONCE activity around ftrace/trace_printk_seq while remediation is being planned.
Evidence notes
The source corpus describes a race in Linux kernel ftrace: concurrent ftrace_dump_one() and trace_pipe reading can cause trace_find_next_entry_inc() to return NULL after trace_iterator_reset() has zeroed the sequence length and size, which in turn can trip WARN_ON_ONCE() in trace_printk_seq(). The supplied remediation is to move trace_printk_seq() inside the non-NULL branch. The advisory metadata ties the issue to Siemens SIMATIC CN 4100 versions <5.0 and gives a Medium CVSS score of 5.5 (AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).
Official resources
-
CVE-2025-39813 CVE record
CVE.org
-
CVE-2025-39813 NVD detail
NVD
-
Source item URL
cisa_csaf
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
CISA published the advisory on 2026-05-12 and republished the Siemens ProductCERT advisory on 2026-05-14, per the supplied revision history and timeline fields.