Buffer Overflow Vulnerability in Linux Kernel Affecting AMD IOMMU
CVE-2025-38676

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 26 August 2025

What is CVE-2025-38676?

A buffer overflow vulnerability has been identified in the Linux kernel related to the AMD IOMMU. This issue occurs when handling kernel command line parameters, specifically when writing an 'acpiid' string. In certain conditions, it is possible to write beyond the allocated memory, which could lead to unpredictable behavior or potential exploitation. The vulnerability has been addressed to ensure that this overflow is prevented, enhancing the overall security of systems utilizing the kernel.

Affected Version(s)

Linux b6b26d86c61c441144c72f842f7469bb686e1211 < 8503d0fcb1086a7cfe26df67ca4bd9bd9e99bdec

Linux 5e97dc748d13fad582136ba0c8cec215c7aeeb17

Linux f2a5ec7f7b28f9b9cd5fac232ff51019a7f7b9e9

References

https://git.kernel.org/stable/c/8503d0fcb1086a7cfe26df67c...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 26, 2025
Vulnerability Reserved
Apr 16, 2025