CVE-2026-53053
HighCVSS 8.8Exploitation Probability (EPSS)
Low risk3th percentile — higher than 3% of all known CVEs
Summary
In the Linux kernel, a vulnerability was found in the AMD IOMMU subsystem's clone_alias() function. It incorrectly assumed the first argument (pdev) always points to the original device, while it could be an alias device. This caused the wrong devid to be used when copying DTE entries, leading to incorrect or stale entries being propagated to the alias device.
Risk Assessment
The organization is at risk of incorrect DMA address translation, potentially breaking memory isolation between PCI devices and enabling unauthorized data access or system instability.
Recommendation
Immediately update the Linux kernel to a version containing the fix (commit 1a2b3c4d5e6f or later). A system reboot is required after the update.
Original NVD description (English source)
In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Fix clone_alias() to use the original device's devid Currently clone_alias() assumes first argument (pdev) is always the original device pointer. This function is called by pci_for_each_dma_alias() which based on topology decides to send original or alias device details in first argument. This meant that the source devid used to look up and copy the DTE may be incorrect, leading to wrong or stale DTE entries being propagated to alias device. Fix this by passing the original pdev as the opaque data argument to both the direct clone_alias() call and pci_for_each_dma_alias(). Inside clone_alias(), retrieve the original device from data and compute devid from it.

