CVE-2026-53057
HighCVSS 8.8Exploitation Probability (EPSS)
Low risk3th percentile — higher than 3% of all known CVEs
Summary
In the Linux kernel, the RISC-V IOMMU subsystem lacked required TLB and context cache invalidations after updating DDT/PDT entries. The riscv_iommu_iodir_iotinval() function was added to comply with the RISC-V IOMMU specification.
Risk Assessment
Missing invalidations may lead to stale or incorrect address translations, potentially breaking memory isolation between IOMMU domains and allowing unauthorized data access.
Recommendation
Immediately update the Linux kernel to a version containing this fix, especially on systems using RISC-V IOMMU.
Original NVD description (English source)
In the Linux kernel, the following vulnerability has been resolved: iommu/riscv: Add IOTINVAL after updating DDT/PDT entries Add riscv_iommu_iodir_iotinval() to perform required TLB and context cache invalidations after updating DDT or PDT entries, as mandated by the RISC-V IOMMU specification (Section 6.3.1 and 6.3.2).

