Description
In the Linux kernel, the following vulnerability has been resolved:

crypto: atmel-tdes - fix DMA sync direction

Before DMA output is consumed by the CPU, ->dma_addr_out must be synced
with dma_sync_single_for_cpu() instead of dma_sync_single_for_device().
Using the wrong direction can return stale cache data on non-coherent
platforms.
Published: 2026-05-27
Score: n/a
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The atmel‑tdes crypto driver in the Linux kernel incorrectly uses dma_sync_single_for_device() to sync DMA memory before the CPU processes data produced by the device. The correct function is dma_sync_single_for_cpu(). Using the wrong direction can leave stale cache entries visible to the CPU on non‑coherent systems, causing the CPU to read outdated or incorrect data from the DMA buffer. This flaw reflects a cache‑coherency handling weakness (CWE‑821).

Affected Systems

All publicly released Linux kernel versions that contain the unpatched atmel‑tdes driver are vulnerable. The advisory does not specify exact version numbers; any kernel build published before the fix commit is at risk, especially when run on hardware where DMA memory is not automatically coherent with the CPU.

Risk and Exploitability

The EPSS score is below 1% and the vulnerability is not listed in the CISA KEV catalog, indicating a very low but non‑zero likelihood of exploitation. The flaw does not provide remote code execution or privilege escalation. Exploitation would require the ability to invoke the atmel‑tdes crypto API from a privileged context (e.g., a kernel module or user program with CAP_SYS_ADMIN) and a platform that performs non‑coherent DMA, making the attack vector local with kernel access.

Generated by OpenCVE AI on May 29, 2026 at 07:22 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update the Linux kernel to a version that includes the atmel‑tdes DMA synchronization fix.
  • If a full kernel upgrade is impractical, cherry‑pick or backport the specific patch commits that change dma_sync_single_for_device() to dma_sync_single_for_cpu() in the atmel‑tdes driver and rebuild the kernel.
  • On systems that rely on non‑coherent DMA memory, consider disabling or restricting use of the atmel‑tdes crypto driver until the kernel is patched.

Generated by OpenCVE AI on May 29, 2026 at 07:22 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Mon, 01 Jun 2026 17:00:00 +0000

Type Values Removed Values Added
References

Fri, 29 May 2026 06:00:00 +0000

Type Values Removed Values Added
Weaknesses CWE-200

Fri, 29 May 2026 00:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-821
References

Wed, 27 May 2026 18:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-200

Wed, 27 May 2026 14:15:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: crypto: atmel-tdes - fix DMA sync direction Before DMA output is consumed by the CPU, ->dma_addr_out must be synced with dma_sync_single_for_cpu() instead of dma_sync_single_for_device(). Using the wrong direction can return stale cache data on non-coherent platforms.
Title crypto: atmel-tdes - fix DMA sync direction
First Time appeared Linux
Linux linux Kernel
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
References

Subscriptions

Linux Linux Kernel
cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-06-14T17:52:37.968Z

Reserved: 2026-05-13T15:03:33.096Z

Link: CVE-2026-46077

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-05-27T14:17:29.040

Modified: 2026-06-01T17:17:22.537

Link: CVE-2026-46077

cve-icon Redhat

Severity :

Publid Date: 2026-05-27T00:00:00Z

Links: CVE-2026-46077 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-05-29T07:30:36Z

Weaknesses
  • CWE-821

    Incorrect Synchronization