CVE-2026-43220

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> iommu/amd: serialize sequence allocation under concurrent TLB invalidations<br /> <br /> With concurrent TLB invalidations, completion wait randomly gets timed out<br /> because cmd_sem_val was incremented outside the IOMMU spinlock, allowing<br /> CMD_COMPL_WAIT commands to be queued out of sequence and breaking the<br /> ordering assumption in wait_on_sem().<br /> Move the cmd_sem_val increment under iommu-&gt;lock so completion sequence<br /> allocation is serialized with command queuing.<br /> And remove the unnecessary return.