CVE-2026-43253

iommu/amd: move wait_on_sem() out of spinlock

Severity Score

7.5

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved: iommu/amd: move wait_on_sem() out of spinlock With iommu.strict=1, the existing completion wait path can cause soft
lockups under stressed environment, as wait_on_sem() busy-waits under the
spinlock with interrupts disabled. Move the completion wait in iommu_completion_wait() out of the spinlock.
wait_on_sem() only polls the hardware-updated cmd_sem and does not require
iommu->lock, so holding the lock during the busy wait unnecessarily
increases contention and extends the time with interrupts disabled.

*Credits: N/A

CVSS Scores

kernel.orgv3.1 7.5

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2026-05-01 CVE Reserved
2026-05-06 CVE Published
2026-05-11 CVE Updated
2026-05-12 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-667: Improper Locking

CAPEC

References (6)

URL	Tag	Source
https://git.kernel.org/stable/c/4bf5beef578e46393f11eb69dda7d17a065e05ff	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/f2f65b28d802a667119147444ec2ae33eebf9a58	2026-03-04
https://git.kernel.org/stable/c/715c263119fd1b918a9fcbd8a36ea5b604a46324	2026-03-04
https://git.kernel.org/stable/c/e15768e68820142077bbca402d8e902f64ade1b0	2026-03-04
https://git.kernel.org/stable/c/496269d12072ecb219826485bdbec70c92a8eef5	2026-03-04
https://git.kernel.org/stable/c/d2a0cac10597068567d336e85fa3cbdbe8ca62bf	2026-01-10

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.9 < 6.6.128 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.9 < 6.6.128"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.9 < 6.12.75 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.9 < 6.12.75"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.9 < 6.18.16 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.9 < 6.18.16"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.9 < 6.19.6 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.9 < 6.19.6"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.9 < 7.0 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.9 < 7.0"		en		Affected