CVE-2025-38676 — Out-of-bounds Write in Linux

CWE-787 — Out-of-bounds Write CWE-805 — Buffer Access with Incorrect Length Value30 documents8 sources

Severity

7.8HIGHNVD

EPSS

0.0%

top 93.37%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Linux Kernel Debian Linux

Timeline

PublishedAug 26

Latest updateMar 25

Description

In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Avoid stack buffer overflow from kernel cmdline While the kernel command line is considered trusted in most environments, avoid writing 1 byte past the end of "acpiid" if the "str" argument is maximum length.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages3 packages

▶NVDlinux/linux_kernel5.4.237 — 5.5+7

▶Debianlinux/linux_kernel< 5.10.244-1+3

▶CVEListV5linux/linuxf2a5ec7f7b28f9b9cd5fac232ff51019a7f7b9e9 — a732502bf3bbe859613b6d7b2b0313b11f0474ac+9

Also affects: Debian Linux 11.0

Patches

Patch: git.kernel.org ↗Patch: git.kernel.org ↗Patch: git.kernel.org ↗

🔴Vulnerability Details

GHSA

GHSA-4grh-3wrc-7rxm: In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Avoid stack buffer overflow from kernel cmdline While the kernel comm↗2025-08-26

▶

CVEList

iommu/amd: Avoid stack buffer overflow from kernel cmdline↗2025-08-26

▶

OSV

CVE-2025-38676: In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Avoid stack buffer overflow from kernel cmdline While the kernel comman↗2025-08-26

▶

📋Vendor Advisories

Ubuntu

Linux kernel (Azure) vulnerabilities↗2026-03-25

▶

Ubuntu

Linux kernel (Azure) vulnerabilities↗2026-03-04

▶

Ubuntu

Linux kernel (Azure FIPS) vulnerabilities↗2026-03-04

▶

Ubuntu

Linux kernel (Xilinx) vulnerabilities↗2026-02-24

▶

Ubuntu

Linux kernel (IBM) vulnerabilities↗2026-02-24

▶