kernel: iommu: disable SVA when CONFIG_X86 is set

A security vulnerability was found in the Linux kernel's IOMMU Shared Virtual Addressing SVA implementation on x86 architecture. When SVA is enabled, the IOMMU caches kernel page table entries. Since the kernel lacks a mechanism to notify the IOMMU when kernel page table pages are freed and...

CVE-2026-45944

A flaw was found in the Linux kernel's IOMMU Input/Output Memory Management Unit VT-d Virtualization Technology for Directed I/O component. When a context entry is being torn down, the 'Present' bit might not be cleared before other parts of the entry are zeroed. This can lead to the hardware...

PT-2026-44236

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Fix shadow paging use-after-free due to unexpected GFN The shadow MMU computes GFNs for direct shadow pages using sp-gfn plus the SPTE index. This assumption breaks for shadow paging if the guest page tables are modifie...

EUVD-2026-32328

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Flush cache for PASID table before using it When writing the address of a freshly allocated zero-initialized PASID table to a PASID directory entry, do that after the CPU cache flush for this PASID table, not before i...

UBUNTU-CVE-2026-45944

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Clear Present bit before tearing down context entry When tearing down a context entry, the current implementation zeros the entire 128-bit entry using multiple 64-bit writes. This creates a window where the hardware c...

CVE-2026-45944

CVE-2026-45944 affects the Linux kernel IOMMU VT-d. During context-entry teardown, the implementation zeros a 128‑bit entry in two 64‑bit writes, risking a torn entry where the Present bit remains set while other fields are zeroed, potentially causing unpredictable behavior or spurious faults. Th...

CVE-2026-45862

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Flush cache for PASID table before using it When writing the address of a freshly allocated zero-initialized PASID table to a PASID directory entry, do that after the CPU cache flush for this PASID table, not before i...

PT-2026-43812

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix race condition during PASID entry replacement The Intel VT-d PASID table entry is 512 bits 64 bytes. When replacing an active PASID entry e.g., during domain replacement, the current implementation calculates a ne...

CVE-2026-45944

iommu/vt-d: Clear Present bit before tearing down context entry...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: usb: xhci: Apply the link chain quirk on NEC isoc endpoints Two distinctly different samples of NEC uPD720200 one with a start/stop bug, one without it were observed to cause IOMMU faults after some Missed Service Errors. The...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: iommufd/selftest: A overflow issue was identified in IOMMUTESTOPADDRESERVED. Syzkaller discovered that this could lead to an overflow in the test infrastructure and cause a WARN message by corrupting the reserved interval tree...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: Only warnings are issued when overwriting a shadow-present SPTE, specifically when the operation is performed on direct MMUs. This adjustment applies only to MMUs that do not have shadowed gPTEs. While it’s impossib...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net: stmmac: dwmac-tegra: Reading the IOMMU Stream ID from the device tree Nvidia’s Tegra MGBE controllers require the IOMMU “Stream ID” SID to be written to the MGBEWRAPAXIASID0CTRL register. The current driver is hardcoded to u...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries/iommu: Do not unset the “window” if it was never set. On pSeries, when a user attempts to use the same vfio container used by different iommu groups, the spaprtcesetwindow function returns -EPERM. The subsequent...

CVE-2023-31309

Improper validation in Power Management Firmware PMFW may allow an attacker with privileges to pass malformed workload arguments when exporting table data from SMU to DRAM potentially resulting in a loss of confidentiality and/or availability...

CVE-2023-31309

Improper validation in Power Management Firmware PMFW may allow an attacker with privileges to pass malformed workload arguments when exporting table data from SMU to DRAM potentially resulting in a loss of confidentiality and/or availability...

CVE-2023-31309

Improper validation in Power Management Firmware PMFW may allow an attacker with privileges to pass malformed workload arguments when exporting table data from SMU to DRAM potentially resulting in a loss of confidentiality and/or availability...

EUVD-2023-35620

Improper validation in Power Management Firmware PMFW may allow an attacker with privileges to pass malformed workload arguments when exporting table data from SMU to DRAM potentially resulting in a loss of confidentiality and/or availability...

CVE-2023-31309

CVE-2023-31309 describes an improper validation vulnerability in AMD's Power Management Firmware (PMFW). The issue allows a user with privileges to pass malformed workload arguments when exporting table data from the System Management Unit (SMU) to DRAM, potentially causing loss of confidentialit...

PT-2026-41239

Improper validation in Power Management Firmware PMFW may allow an attacker with privileges to pass malformed workload arguments when exporting table data from SMU to DRAM potentially resulting in a loss of confidentiality and/or availability...