misc: fastrpc: fix DMA address corruption due to find_vma misuse

Summary

CVECVE-2026-53159
StatePUBLISHED
AssignerLinux
Source PriorityCVE Program / NVD first with legacy fallback
Published2026-06-25 09:16:33 UTC
Updated2026-07-04 12:16:59 UTC
DescriptionIn the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: fix DMA address corruption due to find_vma misuse fastrpc_get_args() uses find_vma() to look up the VMA for a user-provided pointer and compute a DMA address offset. When the address falls in a gap before the returned VMA, (ptr & PAGE_MASK) - vma->vm_start underflows, corrupting the DMA address sent to the DSP. Replace find_vma() with vma_lookup(), which returns NULL when the address is not contained within any VMA.

Risk And Classification

EPSS: 0.001720000 probability, percentile 0.068790000 (date 2026-07-03)

Vendor Declared Affected Products

SourceVendorProductVersionPlatforms
CNA Linux Linux affected 80f3afd72bd4149c57daf852905476b43bb47647 d43afc412d439ffca1567e7ca8652be22f272b3b git Not specified
CNA Linux Linux affected 80f3afd72bd4149c57daf852905476b43bb47647 2d0f47e27c1fa718b29c69aa7c96a2c5161bc2c2 git Not specified
CNA Linux Linux affected 80f3afd72bd4149c57daf852905476b43bb47647 708c17b52c60fe7a57e73b495bdee50f58feb48c git Not specified
CNA Linux Linux affected 80f3afd72bd4149c57daf852905476b43bb47647 d3e26df2e8eb361e6bef096b2fd565476a1f14c4 git Not specified
CNA Linux Linux affected 80f3afd72bd4149c57daf852905476b43bb47647 e69e306a4cccb40a73511350cb280825a556ce3c git Not specified
CNA Linux Linux affected 80f3afd72bd4149c57daf852905476b43bb47647 53e06f8a3c2b085c31bf1284e2ebcb8036e99625 git Not specified
CNA Linux Linux affected 80f3afd72bd4149c57daf852905476b43bb47647 7ba7b30ddb04646d4d638f4d8c4718a304bbbddd git Not specified
CNA Linux Linux affected 80f3afd72bd4149c57daf852905476b43bb47647 464c6ad2aa16e1e1df9d559289199356493d1e00 git Not specified
CNA Linux Linux affected 954edc466128479872731d06f026d0e71840d153 git Not specified
CNA Linux Linux affected 5.1.6 5.2 semver Not specified
CNA Linux Linux affected 5.2 Not specified
CNA Linux Linux unaffected 5.2 semver Not specified
CNA Linux Linux unaffected 5.10.260 5.10.* semver Not specified
CNA Linux Linux unaffected 5.15.210 5.15.* semver Not specified
CNA Linux Linux unaffected 6.1.176 6.1.* semver Not specified
CNA Linux Linux unaffected 6.6.143 6.6.* semver Not specified
CNA Linux Linux unaffected 6.12.94 6.12.* semver Not specified
CNA Linux Linux unaffected 6.18.36 6.18.* semver Not specified
CNA Linux Linux unaffected 7.0.13 7.0.* semver Not specified
CNA Linux Linux unaffected 7.1 * original_commit_for_fix Not specified

References

ReferenceSourceLinkTags
git.kernel.org/stable/c/7ba7b30ddb04646d4d638f4d8c4718a304bbbddd 416baaa9-dc9f-4396-8d5f-8c081fb06d67 git.kernel.org
git.kernel.org/stable/c/e69e306a4cccb40a73511350cb280825a556ce3c 416baaa9-dc9f-4396-8d5f-8c081fb06d67 git.kernel.org
git.kernel.org/stable/c/2d0f47e27c1fa718b29c69aa7c96a2c5161bc2c2 416baaa9-dc9f-4396-8d5f-8c081fb06d67 git.kernel.org
git.kernel.org/stable/c/464c6ad2aa16e1e1df9d559289199356493d1e00 416baaa9-dc9f-4396-8d5f-8c081fb06d67 git.kernel.org
git.kernel.org/stable/c/d43afc412d439ffca1567e7ca8652be22f272b3b 416baaa9-dc9f-4396-8d5f-8c081fb06d67 git.kernel.org
git.kernel.org/stable/c/708c17b52c60fe7a57e73b495bdee50f58feb48c 416baaa9-dc9f-4396-8d5f-8c081fb06d67 git.kernel.org
git.kernel.org/stable/c/53e06f8a3c2b085c31bf1284e2ebcb8036e99625 416baaa9-dc9f-4396-8d5f-8c081fb06d67 git.kernel.org
git.kernel.org/stable/c/d3e26df2e8eb361e6bef096b2fd565476a1f14c4 416baaa9-dc9f-4396-8d5f-8c081fb06d67 git.kernel.org
CVE Program record CVE.ORG www.cve.org canonical
NVD vulnerability detail NVD nvd.nist.gov canonical, analysis
© CVE.report 2026 |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

Free CVE JSON API cve.report/api

CVE.report and Source URL Uptime Status status.cve.report