Home

Description

In the Linux kernel, the following vulnerability has been resolved: net: mvpp2: sync RX data at the hardware packet offset mvpp2 programs the RX queue packet offset, so hardware writes received data at dma_addr + MVPP2_SKB_HEADROOM. The current CPU sync starts at dma_addr and only covers rx_bytes + MVPP2_MH_SIZE bytes, which syncs the unused headroom and misses the same number of bytes at the packet tail. On non-coherent DMA systems this can leave the CPU reading stale cache contents for the end of the received frame. Use dma_sync_single_range_for_cpu() with MVPP2_SKB_HEADROOM as the range offset so the sync covers the Marvell header and packet data actually written by hardware.

PUBLISHED Reserved 2026-06-09 | Published 2026-06-25 | Updated 2026-06-25 | Assigner Linux

Product status

Default status
unaffected

e1921168bbd4810de4197446e52f652cd0dd9541 (git) before 60412bdd1b2576659eac23a23d2d9ff96228a643
affected

e1921168bbd4810de4197446e52f652cd0dd9541 (git) before 19f8bc139e9b149d1e5bf75ae761d1bb8dd3e7d8
affected

e1921168bbd4810de4197446e52f652cd0dd9541 (git) before a3ad9b5767c89531fc7dae951b51b0933dcf7051
affected

e1921168bbd4810de4197446e52f652cd0dd9541 (git) before bede0f481b9137d73d1cf64309cbe4b94818a5d6
affected

e1921168bbd4810de4197446e52f652cd0dd9541 (git) before 23548007b3c66d628fc7d6b80d1e23be04ea10d9
affected

e1921168bbd4810de4197446e52f652cd0dd9541 (git) before a13199fa224e9f776f4005d5037df03aa9ea8f37
affected

e1921168bbd4810de4197446e52f652cd0dd9541 (git) before e302206ad84a407a7e5f3f6fe767ff5efaace689
affected

e1921168bbd4810de4197446e52f652cd0dd9541 (git) before 180235600934bef6add3be637c296d6cf3272e67
affected

Default status
affected

5.5
affected

Any version before 5.5
unaffected

5.10.259 (semver)
unaffected

5.15.210 (semver)
unaffected

6.1.176 (semver)
unaffected

6.6.143 (semver)
unaffected

6.12.94 (semver)
unaffected

6.18.36 (semver)
unaffected

7.0.13 (semver)
unaffected

7.1 (original_commit_for_fix)
unaffected

References

git.kernel.org/...c/60412bdd1b2576659eac23a23d2d9ff96228a643

git.kernel.org/...c/19f8bc139e9b149d1e5bf75ae761d1bb8dd3e7d8

git.kernel.org/...c/a3ad9b5767c89531fc7dae951b51b0933dcf7051

git.kernel.org/...c/bede0f481b9137d73d1cf64309cbe4b94818a5d6

git.kernel.org/...c/23548007b3c66d628fc7d6b80d1e23be04ea10d9

git.kernel.org/...c/a13199fa224e9f776f4005d5037df03aa9ea8f37

git.kernel.org/...c/e302206ad84a407a7e5f3f6fe767ff5efaace689

git.kernel.org/...c/180235600934bef6add3be637c296d6cf3272e67

cve.org (CVE-2026-53217)

nvd.nist.gov (CVE-2026-53217)

Download JSON