Impact
The vulnerability arises from omitting the required IOTINVAL call after updating Device Domain Table or Page Directory Table entries in the RISC‑V IOMMU subsystem. This omission can leave stale I/O TLB and context cache entries that may map to privileged device memory. Based on the description, it is inferred that a malicious kernel component could potentially read or modify memory regions that should have been invalidated, allowing possible elevation of privileges or corruption of protected resources. The vulnerability description does not explicitly state that unprivileged users can exploit the flaw.
Affected Systems
The Linux kernel for RISC‑V architectures, particularly those that enable the IOMMU subsystem. All builds running on RISC‑V CPUs that enable IOMMU support are potentially affected if they contain the older code path lacking the IOTINVAL invocation. Kernels that do not yet include the commit adding the required invalidation routine remain at risk.
Risk and Exploitability
The EPSS score is less than 1% and the vulnerability is not listed in the CISA KEV catalog, suggesting that exploitation at present is considered unlikely. It is inferred that the most realistic attack scenario involves a local kernel‑level adversary or a compromised device driver that can modify DDT or PDT entries. In that situation the failure to perform IOTINVAL could allow access to stale mappings, leading to confidentiality, integrity or availability impacts. The overall risk is therefore moderate: the probability of exploitation is low, but the potential impact could be significant if the flaw were leveraged. The CVSS score of 8.8 indicates high severity for this vulnerability.
OpenCVE Enrichment