{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-53053", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2026-06-09T07:44:35.381Z", "datePublished": "2026-06-24T16:29:59.093Z", "dateUpdated": "2026-06-28T06:38:38.631Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-06-28T06:38:38.631Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/amd: Fix clone_alias() to use the original device's devid\n\nCurrently clone_alias() assumes first argument (pdev) is always the\noriginal device pointer. This function is called by\npci_for_each_dma_alias() which based on topology decides to send\noriginal or alias device details in first argument.\n\nThis meant that the source devid used to look up and copy the DTE\nmay be incorrect, leading to wrong or stale DTE entries being\npropagated to alias device.\n\nFix this by passing the original pdev as the opaque data argument to\nboth the direct clone_alias() call and pci_for_each_dma_alias(). Inside\nclone_alias(), retrieve the original device from data and compute devid\nfrom it."}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "baseScore": 8.8, "baseSeverity": "HIGH"}}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/iommu/amd/iommu.c"], "versions": [{"version": "3332364e4ebc0581d133a334645a20fd13b580f1", "lessThan": "dbd76a537d8cb814e7f5b795ab21ecb7949c821d", "status": "affected", "versionType": "git"}, {"version": "3332364e4ebc0581d133a334645a20fd13b580f1", "lessThan": "20b3c566e2702e5d4d0545be8a97029a2eebcc0e", "status": "affected", "versionType": "git"}, {"version": "3332364e4ebc0581d133a334645a20fd13b580f1", "lessThan": "dae251ff11d2d2208a029f98923756831cefec46", "status": "affected", "versionType": "git"}, {"version": "3332364e4ebc0581d133a334645a20fd13b580f1", "lessThan": "faad224fe0f0857a04ff2eb3c90f0de57f47d0f3", "status": "affected", "versionType": "git"}, {"version": "1f03a258f20f1699ede29bb40804074db9398a0d", "status": "affected", "versionType": "git"}, {"version": "5.4.17", "lessThan": "5.5", "status": "affected", "versionType": "semver"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/iommu/amd/iommu.c"], "versions": [{"version": "5.5", "status": "affected"}, {"version": "0", "lessThan": "5.5", "status": "unaffected", "versionType": "semver"}, {"version": "6.12.91", "lessThanOrEqual": "6.12.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.18.33", "lessThanOrEqual": "6.18.*", "status": "unaffected", "versionType": "semver"}, {"version": "7.0.10", "lessThanOrEqual": "7.0.*", "status": "unaffected", "versionType": "semver"}, {"version": "7.1", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.5", "versionEndExcluding": "6.12.91"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.5", "versionEndExcluding": "6.18.33"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.5", "versionEndExcluding": "7.0.10"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.5", "versionEndExcluding": "7.1"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.4.17"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/dbd76a537d8cb814e7f5b795ab21ecb7949c821d"}, {"url": "https://git.kernel.org/stable/c/20b3c566e2702e5d4d0545be8a97029a2eebcc0e"}, {"url": "https://git.kernel.org/stable/c/dae251ff11d2d2208a029f98923756831cefec46"}, {"url": "https://git.kernel.org/stable/c/faad224fe0f0857a04ff2eb3c90f0de57f47d0f3"}], "title": "iommu/amd: Fix clone_alias() to use the original device's devid", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{}

{"bugzilla": {"description": "kernel: iommu/amd: Fix clone_alias() to use the original device's devid", "id": "2492310", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2492310"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.0", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "status": "draft"}, "cwe": "CWE-694", "details": ["In the Linux kernel, the following vulnerability has been resolved:\niommu/amd: Fix clone_alias() to use the original device's devid\nCurrently clone_alias() assumes first argument (pdev) is always the\noriginal device pointer. This function is called by\npci_for_each_dma_alias() which based on topology decides to send\noriginal or alias device details in first argument.\nThis meant that the source devid used to look up and copy the DTE\nmay be incorrect, leading to wrong or stale DTE entries being\npropagated to alias device.\nFix this by passing the original pdev as the opaque data argument to\nboth the direct clone_alias() call and pci_for_each_dma_alias(). Inside\nclone_alias(), retrieve the original device from data and compute devid\nfrom it.", "A flaw was found in the Linux kernel's IOMMU (Input/Output Memory Management Unit) AMD driver. The `clone_alias()` function incorrectly uses the device ID (devid) when handling alias devices. This can lead to the propagation of wrong or stale Device Table Entry (DTE) entries to alias devices, potentially impacting system stability or data integrity."], "name": "CVE-2026-53053", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2026-06-24T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-53053\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-53053\nhttps://lore.kernel.org/linux-cve-announce/2026062400-CVE-2026-53053-5305@gregkh/T"], "threat_severity": "Moderate"}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[3332364e4ebc0581d133a334645a20fd13b580f1,dbd76a537d8cb814e7f5b795ab21ecb7949c821d)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[3332364e4ebc0581d133a334645a20fd13b580f1,20b3c566e2702e5d4d0545be8a97029a2eebcc0e)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[3332364e4ebc0581d133a334645a20fd13b580f1,dae251ff11d2d2208a029f98923756831cefec46)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[3332364e4ebc0581d133a334645a20fd13b580f1,faad224fe0f0857a04ff2eb3c90f0de57f47d0f3)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "1f03a258f20f1699ede29bb40804074db9398a0d"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[5.4.17,5.5)"}}], "enrichment": {"confidence": 99.0, "confidence_source": "inferred", "scores": [{"score": 99.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "Linux", "source": "cna", "vendor": "Linux"}, "product": "linux_kernel", "vendor": "linux"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "5.5"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "generic", "value": "[0,5.5)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[6.12.91,6.13.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[6.18.33,6.19.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[7.0.10,7.1.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "generic", "value": "[7.1,*]"}}], "enrichment": {"confidence": 99.0, "confidence_source": "inferred", "scores": [{"score": 99.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "Linux", "source": "cna", "vendor": "Linux"}, "product": "linux_kernel", "vendor": "linux"}], "created": "2026-06-24T20:15:07.669386+00:00", "updated": "2026-06-28T13:15:16.449300+00:00", "vendors": ["linux", "linux$PRODUCT$linux_kernel"]}