CVE-2026-43220
Race Condition in Linux Kernel IOMMU AMD Driver
Publication date: 2026-05-06
Last updated on: 2026-05-06
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the Linux kernel's IOMMU AMD component, where sequence allocation for commands was not properly serialized during concurrent TLB (Translation Lookaside Buffer) invalidations.
Because the cmd_sem_val was incremented outside the IOMMU spinlock, commands that wait for completion (CMD_COMPL_WAIT) could be queued out of order, breaking the expected sequence and causing random timeouts during completion waits.
The fix involved moving the increment of cmd_sem_val inside the iommu lock to ensure serialization of command sequence allocation and removing an unnecessary return statement.
How can this vulnerability impact me? :
This vulnerability can cause random timeouts during command completion waits in the Linux kernel's IOMMU AMD component.
Such timeouts may lead to instability or unexpected behavior in systems relying on IOMMU for memory management and device isolation, potentially affecting system performance or reliability.