CVE-2025-38688
Published: Sep 4, 2025
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: iommufd: Prevent ALIGN() overflow When allocating IOVA the candidate range gets aligned to the target alignment. If the range is close to ULONG_MAX then the ALIGN() can wrap resulting in a corrupted iova. Open code the ALIGN() using get_add_overflow() to prevent this. This simplifies the checks as we don't need to check for length earlier either. Consolidate the two copies of this code under a single helper. This bug would allow userspace to create a mapping that overlaps with some other mapping or a reserved range.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 51fe6141f0f64ae0bbc096a41a07572273e8c0ef - < d19b817540c0abe84854a64ee9ee34cecc3bbeefaffected 51fe6141f0f64ae0bbc096a41a07572273e8c0ef - < ebb6021560b94649bec6b8faba6fe0dca2218e81affected 51fe6141f0f64ae0bbc096a41a07572273e8c0ef - < e42a046bb41dcdde4f766a17d8211842007ed537affected 51fe6141f0f64ae0bbc096a41a07572273e8c0ef - < 79fad1917802c28de51a479318a056a6fbe3e2f2affected 51fe6141f0f64ae0bbc096a41a07572273e8c0ef - < b42497e3c0e74db061eafad41c0cd7243c46436b |
Linux | Linux | affected 6.2unaffected 0 - < 6.2unaffected 6.6.103 - <= 6.6.*unaffected 6.12.43 - <= 6.12.*unaffected 6.15.11 - <= 6.15.*+2 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now