CVE-2025-37927

Updated: 2026-02-27 00:20:54.543259

Description:

In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Fix potential buffer overflow in parse_ivrs_acpihid There is a string parsing logic error which can lead to an overflow of hid or uid buffers. Comparing ACPIID_LEN against a total string length doesn't take into account the lengths of individual hid and uid buffers so the check is insufficient in some cases. For example if the length of hid string is 4 and the length of the uid string is 260, the length of str will be equal to ACPIID_LEN + 1 but uid string will overflow uid buffer which size is 256. The same applies to the hid string with length 13 and uid string with length 250. Check the length of hid and uid strings separately to prevent buffer overflow. Found by Linux Verification Center (linuxtesting.org) with SVACE.


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x 0.0
CVSS Version 3.x HIGH 7.8

Status

OS name Project name Version Score Severity Status Errata Last updated

Statement
AlmaLinux 9.2 ESU kernel 5.14.0 7.8 HIGH Released CLSA-2025:1765463110 2025-12-11 21:18:16
CentOS 8.4 ELS kernel 4.18.0 7.8 HIGH Released CLSA-2026:1771078945 2026-02-14 21:15:30
CentOS 8.5 ELS kernel 4.18.0 7.8 HIGH Released CLSA-2026:1771077729 2026-02-14 21:15:31
CentOS Stream 8 ELS kernel 4.18.0 7.8 HIGH Released CLSA-2026:1770032032 2026-02-02 16:03:20
Oracle Linux 7 ELS kernel-uek 5.4.17 7.8 HIGH Released CLSA-2025:1757963029 2025-09-16 11:20:23
TuxCare 9.6 ESU kernel 5.14.0 7.8 HIGH Released CLSA-2025:1766488019 2025-12-23 20:09:11
Ubuntu 16.04 ELS linux-hwe 4.15.0 7.8 HIGH Needs Triage 2025-11-19 08:41:21
Ubuntu 18.04 ELS linux 4.15.0 7.8 HIGH Needs Triage 2025-11-19 08:55:59
Ubuntu 20.04 ELS linux 5.4.0 7.8 HIGH In Testing 2026-02-04 12:50:09