RDMA/umem: Fix truncation for block sizes >= 4G

Summary

CVE: CVE-2026-53133
State: PUBLISHED
Assigner: Linux
Source Priority: CVE Program / NVD first with legacy fallback
Published: 2026-06-25 09:16:30 UTC
Updated: 2026-06-25 09:16:30 UTC
Description: In the Linux kernel, the following vulnerability has been resolved: RDMA/umem: Fix truncation for block sizes >= 4G When the iommu is used the linearization of the mapping can give a single block that is very large split across multiple SG entries. When __rdma_block_iter_next() reassembles the split SG entries it is overflowing the 32 bit stack values and computed the wrong DMA addresses for blocks after the truncation. Use the right types to hold DMA addresses.

Risk And Classification

EPSS: 0.001760000 probability, percentile 0.073610000 (date 2026-06-25)

Vendor Declared Affected Products

Source Vendor Product Version Platforms
CNA Linux Linux affected a808273a495c657e33281b181fd7fcc2bb28f662 2ff4b7817e5b78070c30f5fb5e678e452a2628b3 git Not specified
CNA Linux Linux affected a808273a495c657e33281b181fd7fcc2bb28f662 dee2a49adeeb2a5e16a3fc858fa21b841c519802 git Not specified
CNA Linux Linux affected a808273a495c657e33281b181fd7fcc2bb28f662 cc644d5608e3b0dadc970bd6e6aa26b91ea07d0f git Not specified
CNA Linux Linux affected a808273a495c657e33281b181fd7fcc2bb28f662 8fe0231adebe086c8a459c790944ac026cd99c6e git Not specified
CNA Linux Linux affected a808273a495c657e33281b181fd7fcc2bb28f662 baf8685bcf56dc1efb44b8f6a57c42516e549068 git Not specified
CNA Linux Linux affected a808273a495c657e33281b181fd7fcc2bb28f662 afd35fec9297195b759078745549c2671223f24f git Not specified
CNA Linux Linux affected a808273a495c657e33281b181fd7fcc2bb28f662 ac1aad8e1281534ce936c250f68084fc79c5469e git Not specified
CNA Linux Linux affected a808273a495c657e33281b181fd7fcc2bb28f662 15fe76e23615f502d051ef0768f86babaf08746c git Not specified
CNA Linux Linux affected 5.2 Not specified
CNA Linux Linux unaffected 5.2 semver Not specified
CNA Linux Linux unaffected 5.10.259 5.10.* semver Not specified
CNA Linux Linux unaffected 5.15.210 5.15.* semver Not specified
CNA Linux Linux unaffected 6.1.176 6.1.* semver Not specified
CNA Linux Linux unaffected 6.6.143 6.6.* semver Not specified
CNA Linux Linux unaffected 6.12.94 6.12.* semver Not specified
CNA Linux Linux unaffected 6.18.36 6.18.* semver Not specified
CNA Linux Linux unaffected 7.0.13 7.0.* semver Not specified
CNA Linux Linux unaffected 7.1 * original_commit_for_fix Not specified

References

Reference Source Link Tags
git.kernel.org/stable/c/2ff4b7817e5b78070c30f5fb5e678e452a2628b3 416baaa9-dc9f-4396-8d5f-8c081fb06d67 git.kernel.org
git.kernel.org/stable/c/dee2a49adeeb2a5e16a3fc858fa21b841c519802 416baaa9-dc9f-4396-8d5f-8c081fb06d67 git.kernel.org
git.kernel.org/stable/c/baf8685bcf56dc1efb44b8f6a57c42516e549068 416baaa9-dc9f-4396-8d5f-8c081fb06d67 git.kernel.org
git.kernel.org/stable/c/cc644d5608e3b0dadc970bd6e6aa26b91ea07d0f 416baaa9-dc9f-4396-8d5f-8c081fb06d67 git.kernel.org
git.kernel.org/stable/c/15fe76e23615f502d051ef0768f86babaf08746c 416baaa9-dc9f-4396-8d5f-8c081fb06d67 git.kernel.org
git.kernel.org/stable/c/ac1aad8e1281534ce936c250f68084fc79c5469e 416baaa9-dc9f-4396-8d5f-8c081fb06d67 git.kernel.org
git.kernel.org/stable/c/afd35fec9297195b759078745549c2671223f24f 416baaa9-dc9f-4396-8d5f-8c081fb06d67 git.kernel.org
git.kernel.org/stable/c/8fe0231adebe086c8a459c790944ac026cd99c6e 416baaa9-dc9f-4396-8d5f-8c081fb06d67 git.kernel.org
CVE Program record CVE.ORG www.cve.org canonical
NVD vulnerability detail NVD nvd.nist.gov canonical, analysis