Impact
The kernel fails to guard against zero‑length regions when mapping with SWIOTLB, causing the iommupt implementation to reject the request and triggering an error unwind that corrupts internal mapping state. This omission leads to a WARN_ON during cleanup, indicating a kernel consistency violation that could result in a system crash or unpredictable behavior. The flaw reflects improper handling of buffer copies without length checks and accessing a buffer with an incorrect length value (CWE‑805), and manifests when unaligned buffers are passed from thunderbolt NVMe devices, particularly through smartctl passthrough commands.
Affected Systems
The vulnerability affects the Linux kernel, as identified by the vendor listing of Linux:Linux. No specific kernel version range is supplied in the data, so all kernels potentially containing the unpatched routine are considered susceptible until patch information is applied.
Risk and Exploitability
Because the flaw is triggered by a specific hardware interaction that forces SWIOTLB usage with oddly aligned buffers, an attacker would need to cause such a condition on the target system. The CVSS score of 5.5 indicates moderate risk, while the EPSS score of < 1% shows a very low probability of exploitation. The issue is not listed in CISA KEV, so there is currently no evidence of active exploitation.
OpenCVE Enrichment