CVE-2026-53133

EUVD-2026-39338

25.06.2026, 09:16

In the Linux kernel, the following vulnerability has been resolved:

RDMA/umem: Fix truncation for block sizes >= 4G

When the iommu is used the linearization of the mapping can give a single
block that is very large split across multiple SG entries.

When __rdma_block_iter_next() reassembles the split SG entries it is
overflowing the 32 bit stack values and computed the wrong DMA addresses
for blocks after the truncation.

Use the right types to hold DMA addresses.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	UNKNOWN				---

Awaiting analysis

This vulnerability is currently awaiting analysis.

Base Score

CVSS 3.x

EPSS Score

Percentile: 7%

Debian Releases

Debian Product

Codename

linux

bookworm	vulnerable
bookworm (security)	vulnerable
bullseye	vulnerable
bullseye (security)	vulnerable
forky	vulnerable
sid	7.0.13-1 fixed
trixie	vulnerable
trixie (security)	6.12.94-1 fixed

Vulnerability Media Exposure

[GERMAN] Linux Kernel: Mehrere Schwachstellen
Ein entfernter Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen, um Sicherheitsvorkehrungen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen und weitere, nicht näher spezifizierte Auswirkungen zu erzielen.
Published: 2026-06-24T22:00:00+00:00

References

https://git.kernel.org/stable/c/15fe76e23615f502d051ef0768f86babaf08746c

https://git.kernel.org/stable/c/2ff4b7817e5b78070c30f5fb5e678e452a2628b3

https://git.kernel.org/stable/c/8fe0231adebe086c8a459c790944ac026cd99c6e

https://git.kernel.org/stable/c/ac1aad8e1281534ce936c250f68084fc79c5469e

https://git.kernel.org/stable/c/afd35fec9297195b759078745549c2671223f24f

https://git.kernel.org/stable/c/baf8685bcf56dc1efb44b8f6a57c42516e549068

https://git.kernel.org/stable/c/cc644d5608e3b0dadc970bd6e6aa26b91ea07d0f

https://git.kernel.org/stable/c/dee2a49adeeb2a5e16a3fc858fa21b841c519802