Instituto Nacional de ciberseguridad. Sección Incibe
Instituto Nacional de Ciberseguridad. Sección INCIBE-CERT

CVE-2026-53322

Gravedad CVSS v3.1:
ALTA
Tipo:
No Disponible / Otro tipo
Fecha de publicación:
26/06/2026
Última modificación:
30/06/2026

Descripción

*** Pendiente de traducción *** In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> vfio/pci: Clean up DMABUFs before disabling function<br /> <br /> On device shutdown, make vfio_pci_core_close_device() call<br /> vfio_pci_dma_buf_cleanup() before the function is disabled via<br /> vfio_pci_core_disable(). This ensures that all access via DMABUFs is<br /> revoked before the function&amp;#39;s BARs become inaccessible.<br /> <br /> This fixes an issue where, if the function is disabled first, a tiny<br /> window exists in which the function&amp;#39;s MSE is cleared and yet BARs<br /> could still be accessed via the DMABUF. The resources would also be<br /> freed and up for grabs by a different driver.