PT-2025-34760 · Linux+5 · Linux Kernel+5

Published

2025-08-04

·

Updated

2026-04-20

·

CVE-2025-38676

CVSS v3.1

7.8

High

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)
Description: A stack buffer overflow in the iommu/amd component of the Linux kernel was addressed. The vulnerability occurs when handling the kernel command line, specifically when processing the “acpiid” argument. Although the kernel command line is generally considered a trusted environment, a buffer overflow can occur if the “str” argument reaches its maximum length, potentially writing one byte beyond the allocated buffer for “acpiid”.
Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Memory Corruption

Weakness Enumeration

CWE-805CWE-787

Related Identifiers

AZL-66692
AZL-73815
BDU:2025-15023
CVE-2025-38676
DLA-4327-1
DLA-4328-1
DSA-6008-1
DSA-6009-1
ECHO-21E1-980C-98E3
OESA-2026-1303
OESA-2026-1304
OESA-2026-1339
OESA-2026-1341
OPENSUSE-SU-2025:20081-1
SUSE-SU-2025:03600-1
SUSE-SU-2025:03601-1
SUSE-SU-2025:03602-1
SUSE-SU-2025:03633-1
SUSE-SU-2025:03634-1
SUSE-SU-2025:20851-1
SUSE-SU-2025:20861-1
SUSE-SU-2025:20870-1
SUSE-SU-2025:20898-1
SUSE-SU-2025:21074-1
SUSE-SU-2025:21139-1
SUSE-SU-2025:21179-1
SUSE-SU-2025:3725-1
SUSE-SU-2025:3751-1
USN-7909-1
USN-7909-2
USN-7909-3
USN-7909-4
USN-7909-5
USN-7910-1
USN-7910-2
USN-7933-1
USN-7938-1
USN-8028-1
USN-8028-2
USN-8028-3
USN-8028-4
USN-8028-5
USN-8028-6
USN-8028-7
USN-8028-8
USN-8031-1
USN-8031-2
USN-8031-3
USN-8052-1
USN-8052-2
USN-8074-1
USN-8074-2
USN-8126-1

Affected Products

Debian
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu