CVE-2025-38676
published 2025-08-26CVE-2025-38676: In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Avoid stack buffer overflow from kernel cmdline While the kernel command line is…
high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
In the Linux kernel, the following vulnerability has been resolved:
iommu/amd: Avoid stack buffer overflow from kernel cmdline
While the kernel command line is considered trusted in most environments,
avoid writing 1 byte past the end of "acpiid" if the "str" argument is
maximum length.
Affected
43 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | linux | < linux 6.1.153-1 (bookworm) | linux 6.1.153-1 (bookworm) |
| debian | linux-6.1 | < linux 6.1.153-1 (bookworm) | linux 6.1.153-1 (bookworm) |
| linux | linux | — | — |
| linux | linux | — | — |
| linux | linux | — | — |
| linux | linux | >= 2ae19ac3ea82a5b87a81c10adbb497c9e58bdd60 < 9ff52d3af0ef286535749e14e3fe9eceb39a8349 | 9ff52d3af0ef286535749e14e3fe9eceb39a8349 |
| linux | linux | >= 5.10.175 < 5.10.241 | 5.10.241 |
| linux | linux | >= 5.15.103 < 5.15.190 | 5.15.190 |
| linux | linux | >= 5.4.237 < 5.5 | 5.5 |
| linux | linux | >= 6.1.16 < 6.1.149 | 6.1.149 |
| linux | linux | >= 6.2.3 < 6.3 | 6.3 |
| linux | linux | >= b6b26d86c61c441144c72f842f7469bb686e1211 < 8f80c633cba144f721d38d9380f23d23ab7db10e | 8f80c633cba144f721d38d9380f23d23ab7db10e |
| linux | linux | >= b6b26d86c61c441144c72f842f7469bb686e1211 < 4bdb0f78bddbfa77d3ab458a21dd9cec495d317a | 4bdb0f78bddbfa77d3ab458a21dd9cec495d317a |
| linux | linux | >= b6b26d86c61c441144c72f842f7469bb686e1211 < 736db11c86f03e717fc4bf771d05efdf10d23acb | 736db11c86f03e717fc4bf771d05efdf10d23acb |
| linux | linux | >= b6b26d86c61c441144c72f842f7469bb686e1211 < 8503d0fcb1086a7cfe26df67ca4bd9bd9e99bdec | 8503d0fcb1086a7cfe26df67ca4bd9bd9e99bdec |
| linux | linux | >= c513043e0afe6a8ba79d00af358655afabb576d2 < 0ad8509b468fa1058f4f400a1829f29e4ccc4de8 | 0ad8509b468fa1058f4f400a1829f29e4ccc4de8 |
| linux | linux | >= f2a5ec7f7b28f9b9cd5fac232ff51019a7f7b9e9 < a732502bf3bbe859613b6d7b2b0313b11f0474ac | a732502bf3bbe859613b6d7b2b0313b11f0474ac |
| linux | linux_kernel | — | — |
| linux | linux_kernel | >= 0 < 5.10.244-1 | 5.10.244-1 |
| linux | linux_kernel | >= 0 < 6.1.153-1 | 6.1.153-1 |
| linux | linux_kernel | >= 0 < 6.12.48-1 | 6.12.48-1 |
| linux | linux_kernel | >= 0 < 6.16.5-1 | 6.16.5-1 |
| linux | linux_kernel | >= 0 < 5.15.0-163.173 | 5.15.0-163.173 |
| linux | linux_kernel | >= 0 < 6.8.0-100.100 | 6.8.0-100.100 |
CVSS provenance
nvdv3.17.8HIGHCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
osv7.8HIGH