CVE-2025-68760
Description
In the Linux kernel, the following vulnerability has been resolved:

iommu/amd: Fix potential out-of-bounds read in iommu_mmio_show

In iommu_mmio_write(), it validates the user-provided offset with the check: iommu->dbg_mmio_offset > iommu->mmio_phys_end - 4. This assumes a 4-byte access. However, the corresponding show handler, iommu_mmio_show(), uses readq() to perform an 8-byte (64-bit) read.

If a user provides an offset equal to mmio_phys_end - 4, the check passes, and will lead to a 4-byte out-of-bounds read.

Fix this by adjusting the boundary check to use sizeof(u64), which corresponds to the size of the readq() operation.
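The width mismatch described above, as an added userspace C model (not the kernel's code or the actual patch). The function names and the 0x4000 region size are assumptions; only the two comparisons are taken from the description.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Userspace model (added example): 'end' stands in for iommu->mmio_phys_end,
 * 'off' for the user-supplied iommu->dbg_mmio_offset. Assumes end >= 8. */

/* Write-side check as described: rejects only offsets above end - 4. */
static int offset_ok_before_fix(uint64_t off, uint64_t end)
{
    return !(off > end - 4);
}

/* Check sized to the 8-byte readq() used by the show handler. */
static int offset_ok_after_fix(uint64_t off, uint64_t end)
{
    return !(off > end - sizeof(uint64_t));
}

/* Number of bytes an 8-byte read at 'off' would touch beyond 'end'. */
static uint64_t readq_overrun(uint64_t off, uint64_t end)
{
    uint64_t last = off + sizeof(uint64_t);
    return last > end ? last - end : 0;
}

int main(void)
{
    const uint64_t end = 0x4000;  /* constructed region size */
    const uint64_t offs[] = { end - 8, end - 4, end - 3 };

    for (size_t i = 0; i < sizeof(offs) / sizeof(offs[0]); i++)
        printf("off=0x%llx before=%d after=%d overrun=%llu\n",
               (unsigned long long)offs[i],
               offset_ok_before_fix(offs[i], end),
               offset_ok_after_fix(offs[i], end),
               (unsigned long long)readq_overrun(offs[i], end));
    return 0;
}
```

The boundary case is off = end - 4: the 4-byte check accepts it while the 8-byte read runs 4 bytes past the region, and the sizeof(u64) check rejects it.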
Risk Information
Base Score
7.1
MODERATE
Vector
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
EPSS Score
Exploitation Probability
0.025
Associated Vulnerability
No records found
Patch Details
No records found
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234