CVE-2026-23429

UNKNOWN 0.0

iommu/sva: Fix crash in iommu_sva_unbind_device()

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

6th

In the Linux kernel, the following vulnerability has been resolved: iommu/sva: Fix crash in iommu_sva_unbind_device() domain->mm->iommu_mm can be freed by iommu_domain_free(): iommu_domain_free() mmdrop() __mmdrop() mm_pasid_drop() After iommu_domain_free() returns, accessing domain->mm->iommu_mm may dereference a freed mm structure, leading to a crash. Fix this by moving the code that accesses domain->mm->iommu_mm to before the call to iommu_domain_free().

Vendor	linux
Product	linux
Ecosystems	Linux Kernel
Industries	Technology
Published	Apr 3, 2026
Last Updated	Apr 13, 2026

Stay Ahead of the Next One

Get instant alerts for linux linux

Be the first to know when new unknown vulnerabilities affecting linux linux are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Linux / Linux

9f0a7ab700f8620e433b05c57fbd26c92ea186d9 < 58abeb7b9562f25bdfa2f5ae5ce803eb02e74433 e37d5a2d60a338c5917c45296bac65da1382eda5 < f5daaa2c959d9f894fb5b1ab76da8612dd220a0d e37d5a2d60a338c5917c45296bac65da1382eda5 < 06e14c36e20b48171df13d51b89fe67c594ed07a

Linux / Linux

6.19

References

NVD ↗ CVE.org ↗ EPSS Data ↗

git.kernel.org: https://git.kernel.org/stable/c/58abeb7b9562f25bdfa2f5ae5ce803eb02e74433 git.kernel.org: https://git.kernel.org/stable/c/f5daaa2c959d9f894fb5b1ab76da8612dd220a0d git.kernel.org: https://git.kernel.org/stable/c/06e14c36e20b48171df13d51b89fe67c594ed07a