CVE-2023-53789
Description
In the Linux kernel, the following vulnerability has been resolved:
iommu/amd: Improve page fault error reporting
If IOMMU domain for device group is not set up properly then we may hit IOMMU page fault. Current page fault handler assumes that domain is always set up and it will hit NULL pointer dereference (see below sample log).
Let's check whether domain is set up or not and log appropriate message.
Sample log:
----------
amdgpu 0000:00:01.0: amdgpu: SE 1, SH per SE 1, CU per SH 8, active_cu_number 6
BUG: kernel NULL pointer dereference, address: 0000000000000058
#PF: supervisor read access in kernel mode
#PF: error_code(0x0000) - not-present page
PGD 0 P4D 0
Oops: 0000 [#1] PREEMPT SMP NOPTI
CPU: 2 PID: 56 Comm: irq/24-AMD-Vi Not tainted 6.2.0-rc2+ #89
Hardware name: xxx
RIP: 0010:report_iommu_fault+0x11/0x90
[...]
Call Trace:
 amd_iommu_int_thread+0x60c/0x760
 ? __pfx_irq_thread_fn+0x10/0x10
 irq_thread_fn+0x1f/0x60
 irq_thread+0xea/0x1a0
 ? preempt_count_add+0x6a/0xa0
 ? __pfx_irq_thread_dtor+0x10/0x10
 ? __pfx_irq_thread+0x10/0x10
 kthread+0xe9/0x110
 ? __pfx_kthread+0x10/0x10
 ret_from_fork+0x2c/0x50
[joro: Edit commit message]
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A NULL pointer dereference in the AMD IOMMU page fault handler of the Linux kernel can be triggered when the IOMMU domain for a device group is not properly initialized.
The vulnerability resides in the AMD IOMMU driver's page fault handling path; the sample log shows the crash in report_iommu_fault, reached from amd_iommu_int_thread. When an IOMMU page fault occurs for a device group whose domain has not been set up, the handler assumes the domain pointer is valid and dereferences it without a NULL check, leading to a kernel NULL pointer dereference and system crash [1].
An attacker can exploit this by causing an IOMMU page fault on a device whose domain is uninitialized. This may occur due to misconfiguration, hardware issues, or deliberate triggering via a malicious or misbehaving device. The attack requires local access to the system and the ability to generate such faults, but no special privileges beyond that.
The impact is a denial of service: the kernel crashes with a NULL pointer dereference, as shown in the sample log where the AMD-Vi interrupt handler thread triggers an Oops. This can disrupt system availability.
The fix is implemented in Linux kernel commit be8301e2d5a8b95c04ae8e35d7bfee7b0f03f83a, which adds a check for a valid domain before dereferencing and logs an appropriate error message instead of crashing [1]. Users should apply kernel updates containing this patch.
AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
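For triage, the crash signature in the sample log above (a NULL dereference with RIP in report_iommu_fault, reached from amd_iommu_int_thread on an irq/N-AMD-Vi thread) can be matched in collected kernel logs. The Python code below is an added example, not part of the CVE record or the kernel patch; split_reports, matches_signature and the second sample report are constructed for illustration, and it assumes dmesg-style lines with at most a [timestamp] prefix.

```python
import re

# Constructed input: the first report repeats lines from the sample log above,
# the second is an unrelated oops made up for contrast.
SAMPLE = """\
BUG: kernel NULL pointer dereference, address: 0000000000000058
CPU: 2 PID: 56 Comm: irq/24-AMD-Vi Not tainted 6.2.0-rc2+ #89
RIP: 0010:report_iommu_fault+0x11/0x90
Call Trace:
 amd_iommu_int_thread+0x60c/0x760
 ? __pfx_irq_thread_fn+0x10/0x10
 irq_thread_fn+0x1f/0x60
BUG: kernel NULL pointer dereference, address: 0000000000000010
CPU: 0 PID: 900 Comm: kworker/0:1 Not tainted 6.2.0-rc2+ #89
RIP: 0010:example_driver_work+0x20/0x80
Call Trace:
 process_one_work+0x1c0/0x3a0
"""

BUG_RE = re.compile(r"BUG: kernel NULL pointer dereference, address: ([0-9a-f]+)")
COMM_RE = re.compile(r"\bComm: (\S+)")
RIP_RE = re.compile(r"\bRIP: [0-9a-f]+:(\w+)\+0x")
# Only reliable frames: entries marked "?" by the unwinder do not match.
FRAME_RE = re.compile(r"^\s*(\w+)\+0x[0-9a-f]+/0x[0-9a-f]+\s*$")


def split_reports(text):
    """Group log lines into one dict per NULL-dereference report."""
    reports = []
    for line in text.splitlines():
        line = re.sub(r"^\[\s*\d+\.\d+\]\s*", "", line)  # drop dmesg timestamp
        if (m := BUG_RE.search(line)):
            reports.append({"address": int(m.group(1), 16), "comm": None,
                            "rip": None, "frames": []})
        elif not reports:
            continue  # nothing to attach this line to yet
        elif (m := COMM_RE.search(line)):
            reports[-1]["comm"] = m.group(1)
        elif (m := RIP_RE.search(line)):
            reports[-1]["rip"] = reports[-1]["rip"] or m.group(1)  # keep first RIP
        elif (m := FRAME_RE.match(line)):
            reports[-1]["frames"].append(m.group(1))
    return reports


def matches_signature(report):
    """True when the crash is in report_iommu_fault on the AMD-Vi IRQ thread."""
    return (report["rip"] == "report_iommu_fault"
            and "amd_iommu_int_thread" in report["frames"]
            and re.fullmatch(r"irq/\d+-AMD-Vi", report["comm"] or "") is not None)
```

A matching report indicates a host that hit this fault path on a kernel without the fix, which makes it a candidate for the kernel update.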
Affected products: 2
Patches: 3
be8301e2d5a8
446080b353f0
996d120b4de2
Vulnerability mechanics
Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References: 3
News mentions: 0
No linked articles in our index yet.