CVE-2025-38688 in Linux情報

要約

〜によって MITRE • 2025年09月04日

In the Linux kernel, the following vulnerability has been resolved:

iommufd: Prevent ALIGN() overflow

When allocating IOVA the candidate range gets aligned to the target alignment. If the range is close to ULONG_MAX then the ALIGN() can wrap resulting in a corrupted iova.

Open code the ALIGN() using get_add_overflow() to prevent this. This simplifies the checks as we don't need to check for length earlier either.

Consolidate the two copies of this code under a single helper.

This bug would allow userspace to create a mapping that overlaps with some other mapping or a reserved range.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

責任者

Linux

予約する

2025年04月16日

モデレーション

承諾済み

エントリ

VDB-322561

CWE

不明

EPSS

0.00153

アクティビティ

低い

ソース

Do you need the next level of professionalism?

Upgrade your account now!