🟠 高危 | CVE-2026-53053 — In the Linux kernel, the following vulnerability h...
🟠 《高危安全漏洞:CVE-2026-53053》
CVSS 评分: 高危(8.8) 状态: Received 发布时间: 2026-06-24
英文原文描述
In the Linux kernel, the following vulnerability has been resolved:
iommu/amd: Fix clone_alias() to use the original device's devid
Currently clone_alias() assumes first argument (pdev) is always the
original device pointer. This function is called by
pci_for_each_dma_alias() which based on topology decides to send
original or alias device details in first argument.
This meant that the source devid used to look up and copy the DTE
may be incorrect, leading to wrong or stale DTE entries being
propagated to alias device.
Fix this by passing the original pdev as the opaque data argument to
both the direct clone_alias() call and pci_for_each_dma_alias(). Inside
clone_alias(), retrieve the original device from data and compute devid
from it.
🔍 技术细节
| 字段 | 值 |
|---|---|
| CVE ID | CVE-2026-53053 |
| CVSS 评分 | 8.8 🟠 |
| 严重程度 | 高危 |
| CVSS 向量 | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H |
| 发布时间 | 2026-06-24 |
| 最后更新 | 2026-06-28 |
| 状态 | Received |
| 数据来源 | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 |
🔗 参考链接
https://git.kernel.org/stable/c/20b3c566e2702e5d4d0545be8a97029a2eebcc0e
https://git.kernel.org/stable/c/dae251ff11d2d2208a029f98923756831cefec46
https://git.kernel.org/stable/c/dbd76a537d8cb814e7f5b795ab21ecb7949c821d
https://git.kernel.org/stable/c/faad224fe0f0857a04ff2eb3c90f0de57f47d0f3
🤖 本文由 CVE 安全快讯机器人自动生成
英文描述已由 AI 自动翻译为中文,仅供参考,请以原文为准
数据来源: NVD (National Vulnerability Database) | 获取时间: 2026-06-28 18:15