Main Vulnerability Database Vulnerabilities #VU130518

Race condition in Linux kernel - CVE-2026-43220

Published: May 7, 2026

Vulnerability identifier: #VU130518

CSH Severity: Low

CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2026-43220

CWE-ID: CWE-362

Exploitation vector: Local access

Exploit availability: No public exploit available

Vulnerable software:
Linux kernel

Software vendor:
Linux Foundation

Description

The vulnerability allows a local user to cause a denial of service.

The vulnerability exists due to a race condition in the amd iommu tlb invalidation handling when processing concurrent tlb invalidations. A local user can trigger concurrent invalidation activity to cause a denial of service.

The issue can cause completion waits to time out because command completion wait operations may be queued out of sequence.

Remediation

Install security update from vendor's repository.

External links

https://git.kernel.org/stable/c/48caa7542a795c9679ec1bd1bc2592e05a7369a4
https://git.kernel.org/stable/c/5000ce7fcb31067566a1a1a2e5b5bbff93625242
https://git.kernel.org/stable/c/9e249c48412828e807afddc21527eb734dc9bd3d

Race condition in Linux kernel - CVE-2026-43220

Description

Remediation

External links

Please verify you're human