iommu/amd: Fix clone_alias() to use the original device’s devid

8.8 / 10

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Description

In the Linux kernel, the following vulnerability has been resolved:

iommu/amd: Fix clone_alias() to use the original device's devid

Currently clone_alias() assumes first argument (pdev) is always the
original device pointer. This function is called by
pci_for_each_dma_alias() which based on topology decides to send
original or alias device details in first argument.

This meant that the source devid used to look up and copy the DTE
may be incorrect, leading to wrong or stale DTE entries being
propagated to alias device.

Fix this by passing the original pdev as the opaque data argument to
both the direct clone_alias() call and pci_for_each_dma_alias(). Inside
clone_alias(), retrieve the original device from data and compute devid
from it.

Basic Information

ID CVE-2026-53053

Source Linux

Published Jun 24, 2026 at 16:29

Modified Jun 28, 2026 at 06:38

Affected Product

Vendor Linux

Product Linux

Version 3332364e4ebc0581d133a334645a20fd13b580f1

Affected Versions Linux Linux 3332364e4ebc0581d133a334645a20fd13b580f1
Linux Linux 3332364e4ebc0581d133a334645a20fd13b580f1
Linux Linux 3332364e4ebc0581d133a334645a20fd13b580f1
Linux Linux 3332364e4ebc0581d133a334645a20fd13b580f1
Linux Linux 1f03a258f20f1699ede29bb40804074db9398a0d
Linux Linux 5.4.17
Linux Linux 5.5

References

{
    "lastseen": "",
    "description": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/amd: Fix clone_alias() to use the original device's devid\n\nCurrently clone_alias() assumes first argument (pdev) is always the\noriginal device pointer. This function is called by\npci_for_each_dma_alias() which based on topology decides to send\noriginal or alias device details in first argument.\n\nThis meant that the source devid used to look up and copy the DTE\nmay be incorrect, leading to wrong or stale DTE entries being\npropagated to alias device.\n\nFix this by passing the original pdev as the opaque data argument to\nboth the direct clone_alias() call and pci_for_each_dma_alias(). Inside\nclone_alias(), retrieve the original device from data and compute devid\nfrom it.",
    "published": "2026-06-24T16:29:59.093Z",
    "modified": "2026-06-28T06:38:38.631Z",
    "type": "cve",
    "title": "iommu/amd: Fix clone_alias() to use the original device's devid",
    "source": "Linux",
    "references": "https://git.kernel.org/stable/c/dbd76a537d8cb814e7f5b795ab21ecb7949c821d\nhttps://git.kernel.org/stable/c/20b3c566e2702e5d4d0545be8a97029a2eebcc0e\nhttps://git.kernel.org/stable/c/dae251ff11d2d2208a029f98923756831cefec46\nhttps://git.kernel.org/stable/c/faad224fe0f0857a04ff2eb3c90f0de57f47d0f3",
    "id": "CVE-2026-53053",
    "bulletinFamily": "",
    "cwe": null,
    "cvelist": null,
    "sourceData": "Linux Linux 3332364e4ebc0581d133a334645a20fd13b580f1\nLinux Linux 3332364e4ebc0581d133a334645a20fd13b580f1\nLinux Linux 3332364e4ebc0581d133a334645a20fd13b580f1\nLinux Linux 3332364e4ebc0581d133a334645a20fd13b580f1\nLinux Linux 1f03a258f20f1699ede29bb40804074db9398a0d\nLinux Linux 5.4.17\nLinux Linux 5.5",
    "sourceHref": "",
    "cvss": {
        "score": 8.8,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Linux",
    "version": "3332364e4ebc0581d133a334645a20fd13b580f1",
    "vendor": "Linux",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

iommu/amd: Fix clone_alias() to use the original device’s devid_CVE-2026-53053

Description

Basic Information

Affected Product

References

💭 Join the Security Discussion ❌ Cancel Reply