Potential Out-of-Bounds Read in Linux Kernel Affecting AMD IOMMU
CVE-2025-68760

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
5 January 2026

What is CVE-2025-68760?

An out-of-bounds read vulnerability exists in the Linux kernel's IOMMU component for AMD hardware, specifically related to the offset validation in the iommu_mmio_write() function. The issue arises when a user-provided offset is incorrectly assumed to align with 4-byte access, while the iommu_mmio_show() function performs an 8-byte read. This oversight can lead to a potential out-of-bounds read if the offset is set to mmio_phys_end - 4, causing exposure to unexpected data during memory operations. A fix has been implemented to align the boundary check with the correct size of the read operation.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux 7a4ee419e8c144b747a8915856e91a034d7c8f34

Linux 7a4ee419e8c144b747a8915856e91a034d7c8f34 < 0ec4aaf5f3f559716a6559f3d6d9616e9470bed6

Linux 7a4ee419e8c144b747a8915856e91a034d7c8f34

References

https://git.kernel.org/stable/c/b959df804c33913dbfdb90750...
https://git.kernel.org/stable/c/0ec4aaf5f3f559716a6559f3d...
https://git.kernel.org/stable/c/a0c7005333f9a968abb058b1d...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.