In the Linux kernel, the following vulnerability has been resolved:

misc: fastrpc: fix DMA address corruption due to find_vma misuse

fastrpc_get_args() uses find_vma() to look up the VMA for a user-provided
pointer and compute a DMA address offset. When the address falls in a gap
before the returned VMA, (ptr & PAGE_MASK) - vma->vm_start underflows,
corrupting the DMA address sent to the DSP.

Replace find_vma() with vma_lookup(), which returns NULL when the address
is not contained within any VMA.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00172.

Key SSVC decision points have not yet been added.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions
Linux Linux unaffected
Version Status Constraints
80f3afd72bd4149c57daf852905476b43bb47647 affected < 2d0f47e27c1fa718b29c69aa7c96a2c5161bc2c2
80f3afd72bd4149c57daf852905476b43bb47647 affected < 708c17b52c60fe7a57e73b495bdee50f58feb48c
80f3afd72bd4149c57daf852905476b43bb47647 affected < d3e26df2e8eb361e6bef096b2fd565476a1f14c4
80f3afd72bd4149c57daf852905476b43bb47647 affected < e69e306a4cccb40a73511350cb280825a556ce3c
80f3afd72bd4149c57daf852905476b43bb47647 affected < 53e06f8a3c2b085c31bf1284e2ebcb8036e99625
80f3afd72bd4149c57daf852905476b43bb47647 affected < 7ba7b30ddb04646d4d638f4d8c4718a304bbbddd
80f3afd72bd4149c57daf852905476b43bb47647 affected < 464c6ad2aa16e1e1df9d559289199356493d1e00
954edc466128479872731d06f026d0e71840d153 affected
5.1.6 affected < 5.2
Linux Linux affected
Version Status Constraints
5.2 affected
0 unaffected < 5.2
5.15.210 unaffected ≤ 5.15.*
6.1.176 unaffected ≤ 6.1.*
6.6.143 unaffected ≤ 6.6.*
6.12.94 unaffected ≤ 6.12.*
6.18.36 unaffected ≤ 6.18.*
7.0.13 unaffected ≤ 7.0.*
7.1 unaffected ≤ *

No data.

No data.

OpenCVE Enrichment is a feature of OpenCVE that uses AI to automatically link vendors and products to CVEs. Learn more on GitHub.

Vendors Products
Linux Subscribe
Linux Kernel Subscribe

Project Subscriptions

Vendors Products
Linux Subscribe
Linux Kernel Subscribe
Advisories

No advisories yet.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References
Link Providers
https://git.kernel.org/stable/c/2d0f47e27c1fa718b29c69aa7c96a2c5161bc2c2 cve-icon
https://git.kernel.org/stable/c/464c6ad2aa16e1e1df9d559289199356493d1e00 cve-icon
https://git.kernel.org/stable/c/53e06f8a3c2b085c31bf1284e2ebcb8036e99625 cve-icon
https://git.kernel.org/stable/c/708c17b52c60fe7a57e73b495bdee50f58feb48c cve-icon
https://git.kernel.org/stable/c/7ba7b30ddb04646d4d638f4d8c4718a304bbbddd cve-icon
https://git.kernel.org/stable/c/d3e26df2e8eb361e6bef096b2fd565476a1f14c4 cve-icon
https://git.kernel.org/stable/c/e69e306a4cccb40a73511350cb280825a556ce3c cve-icon
History

Thu, 25 Jun 2026 12:00:00 +0000

Type Values Removed Values Added
Weaknesses CWE-125
CWE-193

Thu, 25 Jun 2026 09:15:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: fix DMA address corruption due to find_vma misuse fastrpc_get_args() uses find_vma() to look up the VMA for a user-provided pointer and compute a DMA address offset. When the address falls in a gap before the returned VMA, (ptr & PAGE_MASK) - vma->vm_start underflows, corrupting the DMA address sent to the DSP. Replace find_vma() with vma_lookup(), which returns NULL when the address is not contained within any VMA.
Title misc: fastrpc: fix DMA address corruption due to find_vma misuse
First Time appeared Linux
Linux linux Kernel
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
References

Projects

Sign in to view the affected projects.

cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-06-25T08:38:41.482Z

Reserved: 2026-06-09T07:44:35.388Z

Link: CVE-2026-53159

cve-icon Vulnrichment

No data.

cve-icon NVD

No data.

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-25T14:45:02Z

Weaknesses