PatchSiren cyber security CVE debrief
CVE-2025-39844 Cert Portal CVE debrief
CVE-2025-39844 describes a Linux kernel memory-management flaw that can cause an availability-impacting boot failure. According to the advisory text, the problem appears when the vmemmap region spans two PGD entries and the optimized compound-page path does not synchronize top-level page tables for all tasks. In affected configurations, that can produce a supervisor-mode page fault during vmemmap initialization and stop the system from booting normally. The supplied advisory maps the issue to Siemens SIMATIC CN 4100 systems running versions before V5.0 and provides an update path to V5.0 or later. The risk is primarily operational availability, not confidentiality or integrity, but it is still important for OT environments where an unexpected reboot or failed boot can disrupt control and maintenance workflows.
- Vendor: Cert Portal
- Product: Siemens SIMATIC CN 4100 vers:intdot/<5.0
- CVSS: MEDIUM 5.5
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-05-12
- Original CVE updated: 2026-05-14
- Advisory published: 2026-05-12
- Advisory updated: 2026-05-14
Who should care
OT operators, system integrators, and patch managers responsible for Siemens SIMATIC CN 4100 devices running versions before V5.0 should review this issue. Linux kernel teams supporting vmemmap, page-table, or device-DAX/persistent-memory code paths should also note the underlying synchronization problem.
Technical summary
The vulnerability is a Linux kernel page-table synchronization bug in the vmemmap population path. The advisory says the crash can occur during boot when initializing the vmemmap (struct page array) if the region spans two PGD entries. In that case, a new PGD entry may be installed in init_mm.pgd but not synchronized into the page tables of other tasks. The failure is observed in a boot-time stack involving __init_single_page(), __init_zone_device_page(), memmap_init_zone_device(), memremap_pages(), devm_memremap_pages(), and dev_dax_probe(). The problem is triggered on the optimized vmemmap path, where vmemmap_can_optimize() leads to vmemmap_populate_compound_pages() and skips the top-level page-table sync that the normal x86 path performs. The described fix moves page-table sync declarations to linux/pgtable.h and introduces kernel-page-table population helpers to make synchronization harder to omit.
Defensive priority
Medium. The published CVSS is 5.5 (AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H), reflecting a local-precondition, availability-only issue. It deserves prompt attention in OT environments because it can prevent successful boot on affected systems.
Recommended defensive actions
- Update affected Siemens SIMATIC CN 4100 systems to V5.0 or later using the vendor remediation path provided in the advisory.
- Confirm whether any deployed systems are running versions before V5.0 and schedule maintenance windows for upgrade and verification.
- After remediation, validate that affected devices boot cleanly and review kernel logs for page-fault or memremap_pages/dev_dax_probe failures.
- If you maintain Linux kernels outside this product line, ensure backports include the page-table synchronization fix for the vmemmap population path.
- Treat unexpected boot failures on systems using persistent memory or device-DAX as a priority operational issue and escalate for vendor support if needed.
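One way to script the post-remediation log review above, added here as an example and not taken from the advisory or the vendor: it scans kernel log text for a supervisor-mode page-fault report whose trace contains at least three of the functions named in this debrief. The sample log is constructed, and the names find_vmemmap_boot_faults, min_frames and example_driver_read are assumptions of this example.

```python
import re

# Frames the advisory text names in the failing boot-time stack.
SIGNATURE_FRAMES = ("__init_single_page", "__init_zone_device_page",
                    "memmap_init_zone_device", "memremap_pages",
                    "devm_memremap_pages", "dev_dax_probe")
FAULT_RE = re.compile(r"BUG: unable to handle page fault for address: (\S+)")
SUPERVISOR_RE = re.compile(r"#PF: supervisor \w+ access in kernel mode")
# Matches "symbol+0x17/0x5d" in RIP and Call Trace lines.
FRAME_RE = re.compile(r"([A-Za-z_][\w.]*)\+0x[0-9a-f]+/0x[0-9a-f]+")

def find_vmemmap_boot_faults(log_text, min_frames=3):
    """Return page-fault oopses whose trace matches the advisory's stack."""
    oopses, cur = [], None
    for line in log_text.splitlines():
        fault = FAULT_RE.search(line)
        if fault:  # start of a new oops report
            cur = {"address": fault.group(1), "supervisor": False, "frames": []}
            oopses.append(cur)
        elif cur is None:
            continue
        elif "---[ end trace" in line:  # end of this oops report
            cur = None
        else:
            if SUPERVISOR_RE.search(line):
                cur["supervisor"] = True
            frame = FRAME_RE.search(line)
            name = frame.group(1) if frame else None
            if name in SIGNATURE_FRAMES and name not in cur["frames"]:
                cur["frames"].append(name)
    return [o for o in oopses if o["supervisor"] and len(o["frames"]) >= min_frames]

# Constructed sample (addresses, offsets and timestamps are made up).
SAMPLE_LOG = """\
[    1.100000] BUG: unable to handle page fault for address: ffffea8000000000
[    1.100001] #PF: supervisor write access in kernel mode
[    1.100002] RIP: 0010:__init_single_page+0x9/0x6d
[    1.100003]  __init_zone_device_page+0x17/0x5d
[    1.100004]  memmap_init_zone_device+0x154/0x1bb
[    1.100005]  memremap_pages+0x10b/0x2f0
[    1.100006]  dev_dax_probe+0x108/0x1a0
[    1.100007] ---[ end trace 0000000000000000 ]---
[    9.500000] BUG: unable to handle page fault for address: 0000000000001000
[    9.500001] #PF: supervisor read access in kernel mode
[    9.500002] RIP: 0010:example_driver_read+0x1a/0x40
"""

if __name__ == "__main__":
    print(find_vmemmap_boot_faults(SAMPLE_LOG))
```

The second report in the sample is an unrelated kernel page fault and is deliberately not reported, since none of its frames belong to the vmemmap initialization stack.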
Evidence notes
This debrief is based only on the supplied CISA CSAF source item and the referenced Siemens ProductCERT advisory links. The advisory text explicitly describes intermittent boot failures, a page fault in __init_single_page(), the missing top-level page-table synchronization in the optimized vmemmap path, and the remediation to update to V5.0 or later. The provided timeline shows public publication on 2026-05-12 and republication on 2026-05-14.
Official resources
- CVE-2025-39844 CVE record (CVE.org)
- CVE-2025-39844 NVD detail (NVD)
- Source item URL (cisa_csaf)
- Source reference (Reference)
Public advisory material in the supplied corpus was published on 2026-05-12 and republished on 2026-05-14. The provided data does not mark this CVE as KEV-listed.