PatchSiren cyber security CVE debrief

CVE-2025-39823 Cert Portal CVE debrief

CVE-2025-39823 is a HIGH-severity issue whose source description says the Linux kernel KVM x86 code path used guest-controlled indices in a way that needed speculative-execution hardening. The fix applies array_index_nospec() after bounds checks so guest-provided values are clamped before they can influence speculation. The advisory metadata associates the CVE with Siemens SIMATIC CN 4100 versions before V5.0 and links to Siemens CERT advisory SSA-032379, so defenders should treat this as an advisory-scope update and verify whether their deployment includes the affected code path.

Vendor: Cert Portal
Product: Siemens SIMATIC CN 4100 vers:intdot/<5.0
CVSS: HIGH 7
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-05-12
Original CVE updated: 2026-05-14
Advisory published: 2026-05-12
Advisory updated: 2026-05-14

Who should care

Linux KVM/x86 virtualization maintainers, and operators of Siemens SIMATIC CN 4100 systems covered by the advisory scope, should review this CVE and confirm whether the fixed version applies to their environment.

Technical summary

The supplied description says guest-controlled indices named min and dest_id reached KVM x86 logic. The remediation is to call array_index_nospec() after bounds checks, which reduces the chance that speculative execution can use an out-of-bounds or otherwise attacker-influenced index to leak data through side channels. The source rates the issue CVSS 7.0 HIGH with vector CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H.
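The pattern the remediation describes, as an added user-space illustration (not the KVM code path and not the kernel's own header): the mask helper below re-creates the portable C fallback of array_index_nospec() under the assumed names index_mask_nospec()/index_nospec(), and the table plus the two lookup functions are constructed for the example.

```c
#include <stdio.h>

/* Added example: a self-contained re-creation of the array_index_nospec()
 * idiom. It is not the kernel's code; it mirrors the portable C fallback
 * so the "check, then clamp" pattern can be run and tested in isolation. */

#define BITS_PER_LONG (8 * sizeof(unsigned long))

/* All-ones when idx < size, all-zeros otherwise, computed without a branch
 * so it still holds while a mispredicted bounds check is being executed. */
static inline unsigned long index_mask_nospec(unsigned long idx, unsigned long size)
{
    return ~(long)(idx | (size - 1UL - idx)) >> (BITS_PER_LONG - 1);
}

/* Clamp idx to [0, size): in-range values pass through unchanged, any
 * other value collapses to 0, so a speculative load cannot leave the array. */
static inline unsigned long index_nospec(unsigned long idx, unsigned long size)
{
    return idx & index_mask_nospec(idx, size);
}

#define TABLE_SIZE 4
static const int table[TABLE_SIZE] = {10, 20, 30, 40}; /* constructed sample data */

/* "Before": architecturally correct, but the load may execute speculatively
 * with an out-of-range idx before the branch resolves. */
int lookup_unhardened(unsigned long idx)
{
    if (idx >= TABLE_SIZE)
        return -1;
    return table[idx];
}

/* "After": same bounds check, then the index is clamped before the load. */
int lookup_hardened(unsigned long idx)
{
    if (idx >= TABLE_SIZE)
        return -1;
    idx = index_nospec(idx, TABLE_SIZE);
    return table[idx];
}

int main(void)
{
    printf("hardened(2) = %d, hardened(99) = %d\n", lookup_hardened(2), lookup_hardened(99));
    printf("index_nospec(99, %d) = %lu\n", TABLE_SIZE, index_nospec(99, TABLE_SIZE));
    return 0;
}
```

Both lookups return the same results architecturally; the difference is only in what the CPU can touch during speculation, which is why the clamp must sit after the check rather than replace it.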

Defensive priority

High. The source assigns a HIGH severity score, and the mitigation is a code-level hardening change that should be verified in any affected deployment as soon as possible.

Recommended defensive actions

  • Update to V5.0 or later, per the supplier remediation guidance in the source advisory.
  • Confirm whether your environment uses the affected Siemens SIMATIC CN 4100 advisory scope and whether the fixed package/version is available to you.
  • Review Linux KVM/x86 virtualization components for the array_index_nospec() hardening change and ensure the patched build is deployed.
  • Track the related Siemens CERT and CISA advisory references for any follow-up revisions or product applicability clarifications.

Evidence notes

All substantive claims here are taken from the supplied CISA CSAF source item and its embedded metadata. The source description is about a Linux kernel KVM x86 speculative-execution mitigation, while the advisory metadata maps the CVE to Siemens SIMATIC CN 4100 versions before V5.0 and references Siemens ProductCERT SSA-032379. Because that product mapping and the kernel-focused description do not fully align, the vendor/product scope should be treated cautiously and verified against the official Siemens advisory before making remediation assumptions.

Official resources

Publicly disclosed in the source advisory on 2026-05-12 and republished/revised on 2026-05-14. The supplied CVE timeline uses 2026-05-12 as the publication date and 2026-05-14 as the modification date.