net: mvpp2: sync RX data at the hardware packet offset

Summary

CVE	CVE-2026-53217
State	PUBLISHED
Assigner	Linux
Source Priority	CVE Program / NVD first with legacy fallback
Published	2026-06-25 09:16:39 UTC
Updated	2026-06-25 09:16:39 UTC
Description	In the Linux kernel, the following vulnerability has been resolved: net: mvpp2: sync RX data at the hardware packet offset mvpp2 programs the RX queue packet offset, so hardware writes received data at dma_addr + MVPP2_SKB_HEADROOM. The current CPU sync starts at dma_addr and only covers rx_bytes + MVPP2_MH_SIZE bytes, which syncs the unused headroom and misses the same number of bytes at the packet tail. On non-coherent DMA systems this can leave the CPU reading stale cache contents for the end of the received frame. Use dma_sync_single_range_for_cpu() with MVPP2_SKB_HEADROOM as the range offset so the sync covers the Marvell header and packet data actually written by hardware.

Risk And Classification

EPSS: 0.001840000 probability, percentile 0.082010000 (date 2026-06-26)

Vendor Declared Affected Products

Source	Vendor	Product	Version	Platforms
CNA	Linux	Linux	affected e1921168bbd4810de4197446e52f652cd0dd9541 60412bdd1b2576659eac23a23d2d9ff96228a643 git	Not specified
CNA	Linux	Linux	affected e1921168bbd4810de4197446e52f652cd0dd9541 19f8bc139e9b149d1e5bf75ae761d1bb8dd3e7d8 git	Not specified
CNA	Linux	Linux	affected e1921168bbd4810de4197446e52f652cd0dd9541 a3ad9b5767c89531fc7dae951b51b0933dcf7051 git	Not specified
CNA	Linux	Linux	affected e1921168bbd4810de4197446e52f652cd0dd9541 bede0f481b9137d73d1cf64309cbe4b94818a5d6 git	Not specified
CNA	Linux	Linux	affected e1921168bbd4810de4197446e52f652cd0dd9541 23548007b3c66d628fc7d6b80d1e23be04ea10d9 git	Not specified
CNA	Linux	Linux	affected e1921168bbd4810de4197446e52f652cd0dd9541 a13199fa224e9f776f4005d5037df03aa9ea8f37 git	Not specified
CNA	Linux	Linux	affected e1921168bbd4810de4197446e52f652cd0dd9541 e302206ad84a407a7e5f3f6fe767ff5efaace689 git	Not specified
CNA	Linux	Linux	affected e1921168bbd4810de4197446e52f652cd0dd9541 180235600934bef6add3be637c296d6cf3272e67 git	Not specified
CNA	Linux	Linux	affected 5.5	Not specified
CNA	Linux	Linux	unaffected 5.5 semver	Not specified
CNA	Linux	Linux	unaffected 5.10.259 5.10.* semver	Not specified
CNA	Linux	Linux	unaffected 5.15.210 5.15.* semver	Not specified
CNA	Linux	Linux	unaffected 6.1.176 6.1.* semver	Not specified
CNA	Linux	Linux	unaffected 6.6.143 6.6.* semver	Not specified
CNA	Linux	Linux	unaffected 6.12.94 6.12.* semver	Not specified
CNA	Linux	Linux	unaffected 6.18.36 6.18.* semver	Not specified
CNA	Linux	Linux	unaffected 7.0.13 7.0.* semver	Not specified
CNA	Linux	Linux	unaffected 7.1 * original_commit_for_fix	Not specified

References

Reference	Source	Link	Tags
git.kernel.org/stable/c/a3ad9b5767c89531fc7dae951b51b0933dcf7051	416baaa9-dc9f-4396-8d5f-8c081fb06d67	git.kernel.org
git.kernel.org/stable/c/19f8bc139e9b149d1e5bf75ae761d1bb8dd3e7d8	416baaa9-dc9f-4396-8d5f-8c081fb06d67	git.kernel.org
git.kernel.org/stable/c/bede0f481b9137d73d1cf64309cbe4b94818a5d6	416baaa9-dc9f-4396-8d5f-8c081fb06d67	git.kernel.org
git.kernel.org/stable/c/23548007b3c66d628fc7d6b80d1e23be04ea10d9	416baaa9-dc9f-4396-8d5f-8c081fb06d67	git.kernel.org
git.kernel.org/stable/c/60412bdd1b2576659eac23a23d2d9ff96228a643	416baaa9-dc9f-4396-8d5f-8c081fb06d67	git.kernel.org
git.kernel.org/stable/c/180235600934bef6add3be637c296d6cf3272e67	416baaa9-dc9f-4396-8d5f-8c081fb06d67	git.kernel.org
git.kernel.org/stable/c/e302206ad84a407a7e5f3f6fe767ff5efaace689	416baaa9-dc9f-4396-8d5f-8c081fb06d67	git.kernel.org
git.kernel.org/stable/c/a13199fa224e9f776f4005d5037df03aa9ea8f37	416baaa9-dc9f-4396-8d5f-8c081fb06d67	git.kernel.org
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

There are currently no legacy QID mappings associated with this CVE.