vfio/pci: Clean up DMABUFs before disabling function_CVE-2026-53322

8.8 / 10

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Description

In the Linux kernel, the following vulnerability has been resolved:

vfio/pci: Clean up DMABUFs before disabling function

On device shutdown, make vfio_pci_core_close_device() call
vfio_pci_dma_buf_cleanup() before the function is disabled via
vfio_pci_core_disable(). This ensures that all access via DMABUFs is
revoked before the function's BARs become inaccessible.

This fixes an issue where, if the function is disabled first, a tiny
window exists in which the function's MSE is cleared and yet BARs
could still be accessed via the DMABUF. The resources would also be
freed and up for grabs by a different driver.

AI Analysis

Linux kernel vulnerability in vfio/pci: Clean up DMABUFs before disabling function

Basic Information

ID CVE-2026-53322

Source Linux

Published Jun 26, 2026 at 19:41

Modified Jun 28, 2026 at 06:41

Affected Product

Vendor Linux

Product Linux

Version 5d74781ebc86c5fa9e9d6934024c505412de9b52

Affected Versions Linux Linux 5d74781ebc86c5fa9e9d6934024c505412de9b52
Linux Linux 5d74781ebc86c5fa9e9d6934024c505412de9b52
Linux Linux 6.19

AI Assessment

AI Score 8.8 / 10

AI Severity High

Vendor Linux

Product Linux Kernel

Version 5d74781ebc86c5fa9e9d6934024c505412de9b52, 6.19

References

{
    "lastseen": "",
    "description": "In the Linux kernel, the following vulnerability has been resolved:\n\nvfio/pci: Clean up DMABUFs before disabling function\n\nOn device shutdown, make vfio_pci_core_close_device() call\nvfio_pci_dma_buf_cleanup() before the function is disabled via\nvfio_pci_core_disable().  This ensures that all access via DMABUFs is\nrevoked before the function's BARs become inaccessible.\n\nThis fixes an issue where, if the function is disabled first, a tiny\nwindow exists in which the function's MSE is cleared and yet BARs\ncould still be accessed via the DMABUF.  The resources would also be\nfreed and up for grabs by a different driver.",
    "published": "2026-06-26T19:41:13.245Z",
    "modified": "2026-06-28T06:41:31.870Z",
    "type": "cve",
    "title": "vfio/pci: Clean up DMABUFs before disabling function",
    "source": "Linux",
    "references": "https://git.kernel.org/stable/c/4f1000a30f67cf7d328059242776a858611d5ef9\nhttps://git.kernel.org/stable/c/d97708701434ce72968e771976aaf9d3438fcafd",
    "id": "CVE-2026-53322",
    "bulletinFamily": "",
    "cwe": null,
    "cvelist": null,
    "sourceData": "Linux Linux 5d74781ebc86c5fa9e9d6934024c505412de9b52\nLinux Linux 5d74781ebc86c5fa9e9d6934024c505412de9b52\nLinux Linux 6.19",
    "sourceHref": "",
    "cvss": {
        "score": 8.8,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Linux",
    "version": "5d74781ebc86c5fa9e9d6934024c505412de9b52",
    "vendor": "Linux",
    "ai_description": "Linux kernel vulnerability in vfio/pci: Clean up DMABUFs before disabling function",
    "ai_severity": "High",
    "ai_vendor": "Linux",
    "ai_product": "Linux Kernel",
    "ai_version": "5d74781ebc86c5fa9e9d6934024c505412de9b52, 6.19",
    "ai_score": 8.8
}