CVE-2025-68760

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The Linux kernel contains a flaw in the iommu/amd module related to boundary checks within the iommu mmio show function. Specifically, the iommu mmio write function validates user-provided offsets, assuming a 4-byte access size. However, iommu mmio show uses readq(), which performs an 8-byte read. This discrepancy can lead to a 4-byte out-of-bounds read if a user provides an offset equal to mmio phys end - 4, as the check passes despite the larger read size. The vulnerable check is: iommu->dbg mmio offset > iommu->mmio phys end - 4.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.