Always-Incorrect Control Flow Implementation in Linux kernel - CVE-2026-53164
Published: June 26, 2026
Linux kernel
Detailed vulnerability description
The vulnerability allows a local user to cause a denial of service.
The vulnerability exists due to improper handling of a zero-length mapping and incorrect error unwind logic in iommu_dma_iova_link_swiotlb() when processing unaligned swiotlb mappings. A local user can trigger unaligned memory mappings to corrupt the mapping state and cause a denial of service.
This can be triggered by certain thunderbolt NVMe drives using forced SWIOTLB with oddly aligned buffers for passthrough commands from smartctl.