VDB
CVE-2026-23429
CVE-2026-23429
PUBLISHED
Reported by Linux · Published April 3, 2026
In the Linux kernel, the following vulnerability has been resolved: iommu/sva: Fix crash in iommu_sva_unbind_device() domain->mm->iommu_mm can be freed by iommu_domain_free(): iommu_domain_free() mmdrop() __mmdrop() mm_pasid_drop() After iommu_domain_free() returns, accessing domain->mm->iommu_mm may dereference a freed mm structure, leading to a crash. Fix this by moving the code that accesses domain->mm->iommu_mm to before the call to iommu_domain_free().
EPSS 0.02% · 3.3th percentile
Risk Scores
EPSS Score
0.02%
3.3th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux | 9f0a7ab700f8620e433b05c57fbd26c92ea186d9, e37d5a2d60a338c5917c45296bac65da1382eda5, e37d5a2d60a338c5917c45296bac65da1382eda5 |
| Linux | Linux | 6.19, 0, 6.18.20 |
| Linux | Linux | *, 7.0-rc5, * |
| linux | linux_kernel | 6.19, 6.18.7, 6.19 |
Timeline
- Apr 3, 2026 CVE Published
- Apr 27, 2026 CVE Updated
- May 18, 2026 EPSS Score
- May 19, 2026 EPSS Score
- May 20, 2026 EPSS Score
- May 21, 2026 EPSS Score
- May 22, 2026 EPSS Score
- May 23, 2026 EPSS Score
- May 24, 2026 EPSS Score
- May 25, 2026 EPSS Score
- May 26, 2026 EPSS Score
- May 27, 2026 EPSS Score