CVE-2025-38676

HIGH

Linux Kernel 5.4.237-5.4.x - Out-of-bounds Write in ACPIID Command Line Parsing

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2025-38676. PoCs published by 14mb1v45h.

AI-analyzed exploit summary This repository provides a safe, non-exploit PoC for CVE-2025-38676, a stack buffer overflow in Linux Kernel ≤ 6.17-rc2 (AMD IOMMU). It includes tools for info-gathering, safety checks, and a QEMU boot harness to test long kernel cmdline permutations in a controlled VM environment.

Description

In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Avoid stack buffer overflow from kernel cmdline While the kernel command line is considered trusted in most environments, avoid writing 1 byte past the end of "acpiid" if the "str" argument is maximum length.

Exploits (1)

nomisec WORKING POC 1 stars

by 14mb1v45h · poc

https://github.com/14mb1v45h/CVE-2025-38676

View Code ZIP pw:eip

This repository provides a safe, non-exploit PoC for CVE-2025-38676, a stack buffer overflow in Linux Kernel ≤ 6.17-rc2 (AMD IOMMU). It includes tools for info-gathering, safety checks, and a QEMU boot harness to test long kernel cmdline permutations in a controlled VM environment.

Classification

Working Poc 95%

Attack Type

Dos

Complexity

Moderate

Reliability

Reliable

Target: Linux Kernel ≤ 6.17-rc2 (AMD IOMMU)

No auth needed

Prerequisites: QEMU, build-essential, gcc, make, cpio, busybox · A vulnerable kernel version

MITRE ATT&CK