CVE-2026-53280

UNKNOWN 0.0

iommu: Fix NULL group->domain dereference in pci_dev_reset_iommu_done()

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

In the Linux kernel, the following vulnerability has been resolved: iommu: Fix NULL group->domain dereference in pci_dev_reset_iommu_done() Local sashiko review pointed it out that group->domain could be NULL when a default domain fails to allocate during the first probe, which can crash at domain->ops->attach_dev dereference in __iommu_attach_device() invoked by pci_dev_reset_iommu_done(). pci_dev_reset_iommu_prepare() is fine as an old_domain pointer can be NULL. Skip the re-attach in pci_dev_reset_iommu_done() to fix the bug.

Vendor	linux
Product	linux
Ecosystems	Linux Kernel
Industries	Technology
Published	Jun 26, 2026

Stay Ahead of the Next One

Get instant alerts for linux linux

Be the first to know when new unknown vulnerabilities affecting linux linux are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Linux / Linux

c279e83953d937470f8a6e69b69f62608714f13f < 17194cd0dd236e732d116d50840d795ca50ef196 c279e83953d937470f8a6e69b69f62608714f13f < d769711fcddd005f1e654b3bde547140917fe696

Linux / Linux

7.0

References

NVD ↗ CVE.org ↗ EPSS Data ↗

git.kernel.org: https://git.kernel.org/stable/c/17194cd0dd236e732d116d50840d795ca50ef196 git.kernel.org: https://git.kernel.org/stable/c/d769711fcddd005f1e654b3bde547140917fe696