CVE-2025-68760

NONE EPSS 5.0%
Published Jan 5, 2026 5mo ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved:

iommu/amd: Fix potential out-of-bounds read in iommu_mmio_show

In iommu_mmio_write(), it validates the user-provided offset with the check: `iommu->dbg_mmio_offset > iommu->mmio_phys_end - 4`. This assumes a 4-byte access.

However, the corresponding show handler, iommu_mmio_show(), uses readq() to perform an 8-byte (64-bit) read. If a user provides an offset equal to `mmio_phys_end - 4`, the check passes, and will lead to a 4-byte out-of-bounds read.

Fix this by adjusting the boundary check to use sizeof(u64), which corresponds to the size of the readq() operation.
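The width mismatch described above, modelled in user-space C as an added example (not the kernel's code and not taken from the referenced commits). The function names and the 0x1000 region size are assumptions; the two comparisons mirror the check quoted in the description and the sizeof(u64) fix.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed region size for this model; not the real AMD IOMMU MMIO size. */
#define MODEL_MMIO_END 0x1000u

/* Check quoted in the description: sized for a 4-byte access. */
static bool offset_ok_before_fix(uint64_t offset, uint64_t mmio_end)
{
    return !(offset > mmio_end - 4);
}

/* Check after the fix: sized for the 8-byte readq(), i.e. sizeof(u64). */
static bool offset_ok_after_fix(uint64_t offset, uint64_t mmio_end)
{
    return !(offset > mmio_end - sizeof(uint64_t));
}

/* Bytes of a `width`-byte access at `offset` that fall past mmio_end. */
static uint64_t bytes_past_end(uint64_t offset, uint64_t mmio_end, uint64_t width)
{
    uint64_t last = offset + width;
    return last > mmio_end ? last - mmio_end : 0;
}

/* Count offsets a check accepts although an 8-byte read there overruns
 * the region; *worst receives the largest overrun in bytes. */
static unsigned count_unsafe_accepted(bool (*check)(uint64_t, uint64_t),
                                      uint64_t mmio_end, uint64_t *worst)
{
    unsigned n = 0;
    *worst = 0;
    for (uint64_t off = 0; off < mmio_end; off++) {
        uint64_t over = bytes_past_end(off, mmio_end, sizeof(uint64_t));
        if (check(off, mmio_end) && over) {
            n++;
            if (over > *worst)
                *worst = over;
        }
    }
    return n;
}

int main(void)
{
    uint64_t worst;
    unsigned n = count_unsafe_accepted(offset_ok_before_fix, MODEL_MMIO_END, &worst);
    printf("before fix: %u unsafe offsets accepted, worst overrun %llu bytes\n",
           n, (unsigned long long)worst);
    n = count_unsafe_accepted(offset_ok_after_fix, MODEL_MMIO_END, &worst);
    printf("after fix:  %u unsafe offsets accepted, worst overrun %llu bytes\n",
           n, (unsigned long long)worst);
    return 0;
}
```

The same sweep works as a review check for any debugfs or sysfs handler pair: the bound enforced on the write side has to use the access width of the read side.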

Threat Intelligence

EPSS Exploit Probability
5.0% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

References 3

  • git.kernel.org https://git.kernel.org/stable/c/0ec4aaf5f3f559716a6559f3d6d9616e9470bed6
  • git.kernel.org https://git.kernel.org/stable/c/a0c7005333f9a968abb058b1d77bbcd7fb7fd1e7
  • git.kernel.org https://git.kernel.org/stable/c/b959df804c33913dbfdb90750f2d693502b3d126

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.