Out-of-bounds read in Linux kernel - CVE-2026-53283
Published: June 29, 2026
Linux kernel
Detailed vulnerability description
The vulnerability allows a local attacker to cause a denial of service.
The vulnerability exists due to an out-of-bounds read in __rlookup_amd_iommu() when registering and probing PCI devices during boot. A local attacker can present a PCI device whose BDF (bus/device/function identifier) is not described by the IVRS (the ACPI I/O Virtualization Reporting Structure) to cause a denial of service.
The issue can lead to a boot-time general protection fault when adjacent slab contents are dereferenced as a struct amd_iommu *.
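The lookup pattern described above, as an added example that is not kernel code and not the upstream fix: a simplified user-space model of a table indexed by BDF, with the unchecked read beside a bounds-checked one. The names (seg_model, iommu_model, last_bdf, lookup_checked and the rest) and the assumption that the table holds only the entries the firmware table describes are made up for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Simplified user-space model. All names are hypothetical, not kernel code. */
struct iommu_model { int id; };

struct seg_model {
    uint16_t last_bdf;            /* assumed: highest BDF the firmware table describes */
    struct iommu_model **rlookup; /* last_bdf + 1 slots, indexed by BDF */
};

/* BDF layout: bus[15:8] | device[7:3] | function[2:0] */
uint16_t make_bdf(unsigned bus, unsigned dev, unsigned fn) {
    return (uint16_t)(((bus & 0xffu) << 8) | ((dev & 0x1fu) << 3) | (fn & 0x7u));
}

int seg_init(struct seg_model *s, uint16_t last_bdf) {
    s->last_bdf = last_bdf;
    s->rlookup = calloc((size_t)last_bdf + 1, sizeof(*s->rlookup));
    return s->rlookup ? 0 : -1;
}

/* Unchecked form: for devid > last_bdf this reads whatever follows the
 * allocation and returns it as a pointer. Shown for contrast, never called. */
struct iommu_model *lookup_unchecked(const struct seg_model *s, uint16_t devid) {
    return s->rlookup[devid];
}

/* Checked form: a BDF outside the table means "no IOMMU", not a memory read. */
struct iommu_model *lookup_checked(const struct seg_model *s, uint16_t devid) {
    if (!s->rlookup || devid > s->last_bdf)
        return NULL;
    return s->rlookup[devid];
}

int main(void) {
    struct seg_model s;
    struct iommu_model io = { 1 };
    if (seg_init(&s, make_bdf(0, 0x1f, 7)))  /* constructed: table covers bus 0 only */
        return 1;
    s.rlookup[make_bdf(0, 2, 0)] = &io;      /* constructed: one described device */
    printf("00:02.0 -> %p\n01:00.0 -> %p\n",
           (void *)lookup_checked(&s, make_bdf(0, 2, 0)),
           (void *)lookup_checked(&s, make_bdf(1, 0, 0)));
    free(s.rlookup);
    return 0;
}
```

Callers of the checked lookup must treat NULL as "device not translated by any IOMMU" and skip setup for that device.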