2439915 – (CVE-2026-23174) CVE-2026-23174 kernel: nvme-pci: handle changing device dma map requirements

Bug 2439915 (CVE-2026-23174) - CVE-2026-23174 kernel: nvme-pci: handle changing device dma map requirements

Summary: CVE-2026-23174 kernel: nvme-pci: handle changing device dma map requirements

Keywords:
Status:	NEW
Alias:	CVE-2026-23174
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	unspecified
Severity:	unspecified
Target Milestone:	---
Assignee:	Product Security DevOps Team
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2026-02-14 17:02 UTC by OSIDB Bzimport
Modified:	2026-02-16 19:51 UTC (History)
CC List:	0 users
Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments	(Terms of Use)

Description OSIDB Bzimport 2026-02-14 17:02:53 UTC

In the Linux kernel, the following vulnerability has been resolved:

nvme-pci: handle changing device dma map requirements

The initial state of dma_needs_unmap may be false, but change to true
while mapping the data iterator. Enabling swiotlb is one such case that
can change the result. The nvme driver needs to save the mapped dma
vectors to be unmapped later, so allocate as needed during iteration
rather than assume it was always allocated at the beginning. This fixes
a NULL dereference from accessing an uninitialized dma_vecs when the
device dma unmapping requirements change mid-iteration.

Comment 1 Alexander B 2026-02-16 18:17:37 UTC

Upstream advisory:
https://lore.kernel.org/linux-cve-announce/2026021427-CVE-2026-23174-0b41@gregkh/T

Note You need to log in before you can comment on or make changes to this bug.