CVE-2026-53133
Received Received - Intake
RDMA/umem DMA Address Truncation in Linux Kernel

Publication date: 2026-06-25

Last updated on: 2026-06-25

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: RDMA/umem: Fix truncation for block sizes >= 4G When the iommu is used the linearization of the mapping can give a single block that is very large split across multiple SG entries. When __rdma_block_iter_next() reassembles the split SG entries it is overflowing the 32 bit stack values and computed the wrong DMA addresses for blocks after the truncation. Use the right types to hold DMA addresses.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-06-25
Last Modified
2026-06-25
Generated
2026-06-25
AI Q&A
2026-06-25
EPSS Evaluated
N/A
NVD
CVE-2026-53133
EUVD
EUVD-2026-39338
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
linux linux_kernel *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability exists in the Linux kernel's RDMA/umem subsystem. It involves an issue with handling large block sizes (greater than or equal to 4GB) when the IOMMU is used. Specifically, the linearization of the memory mapping can produce a single large block that is split across multiple scatter-gather (SG) entries. The function __rdma_block_iter_next() that reassembles these split SG entries overflows 32-bit stack values, causing incorrect computation of DMA addresses for blocks after the truncation. The fix involves using the correct data types to hold DMA addresses to prevent this overflow.

Impact Analysis

This vulnerability can lead to incorrect DMA address calculations when handling large memory blocks in RDMA operations. Such incorrect address computations may cause data corruption, system instability, or unexpected behavior in systems relying on RDMA with IOMMU enabled. This could impact the reliability and integrity of data transfers in affected Linux kernel environments.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-53133. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart