CVE-2025-38676

EPSS 0.08%
Published 26.08.2025 13:15:32
Last modified 28.08.2025 15:15:58
Source 416baaa9-dc9f-4396-8d5f-8c081f
Teams watchlist Login
Open Login

In the Linux kernel, the following vulnerability has been resolved:

iommu/amd: Avoid stack buffer overflow from kernel cmdline

While the kernel command line is considered trusted in most environments,
avoid writing 1 byte past the end of "acpiid" if the "str" argument is
maximum length.

Affected products Warnungen 0 Metrics 1 CWE 0 References 10

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

This information is available to logged-in users.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

VendorLinux

≫

Product Linux

Default Statusunaffected

Version < a732502bf3bbe859613b6d7b2b0313b11f0474ac

Version f2a5ec7f7b28f9b9cd5fac232ff51019a7f7b9e9

Status affected

Version < 0ad8509b468fa1058f4f400a1829f29e4ccc4de8

Version c513043e0afe6a8ba79d00af358655afabb576d2

Status affected

Version < 9ff52d3af0ef286535749e14e3fe9eceb39a8349

Version 2ae19ac3ea82a5b87a81c10adbb497c9e58bdd60

Status affected

Version < 8f80c633cba144f721d38d9380f23d23ab7db10e

Version b6b26d86c61c441144c72f842f7469bb686e1211

Status affected

Version < 4bdb0f78bddbfa77d3ab458a21dd9cec495d317a

Version b6b26d86c61c441144c72f842f7469bb686e1211

Status affected

Version < 736db11c86f03e717fc4bf771d05efdf10d23acb

Version b6b26d86c61c441144c72f842f7469bb686e1211

Status affected

Version < 8503d0fcb1086a7cfe26df67ca4bd9bd9e99bdec

Version b6b26d86c61c441144c72f842f7469bb686e1211

Status affected

Version 5e97dc748d13fad582136ba0c8cec215c7aeeb17

Status affected

Version 63cd11165e5e0ea2012254c764003eda1f9adb7d

Status affected

VendorLinux

≫

Product Linux

Default Statusaffected

Version 6.3

Status affected

Version < 6.3

Version 0

Status unaffected

Version <= 5.10.*

Version 5.10.241

Status unaffected

Version <= 5.15.*

Version 5.15.190

Status unaffected

Version <= 6.1.*

Version 6.1.149

Status unaffected

Version <= 6.6.*

Version 6.6.103

Status unaffected

Version <= 6.12.*

Version 6.12.44

Status unaffected

Version <= 6.16.*

Version 6.16.4

Status unaffected

Version <= *

Version 6.17-rc3

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.08%	0.235

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string

https://git.kernel.org/stable/c/8503d0fcb1086a7cfe26df67ca4bd9bd9e99bdec

https://git.kernel.org/stable/c/0ad8509b468fa1058f4f400a1829f29e4ccc4de8

https://git.kernel.org/stable/c/4bdb0f78bddbfa77d3ab458a21dd9cec495d317a

https://git.kernel.org/stable/c/736db11c86f03e717fc4bf771d05efdf10d23acb

https://git.kernel.org/stable/c/8f80c633cba144f721d38d9380f23d23ab7db10e

https://git.kernel.org/stable/c/9ff52d3af0ef286535749e14e3fe9eceb39a8349

https://git.kernel.org/stable/c/a732502bf3bbe859613b6d7b2b0313b11f0474ac

https://nvd.nist.gov/vuln/detail/CVE-2025-38676

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-38676

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-38676

EUVD