CVE-2026-53133
HIGH
Published Jun 25, 2026
Modified Jun 30, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: RDMA/umem: Fix truncation for block sizes >= 4G When the iommu is used the linearization of the mapping can give a single block that is very large split across multiple SG entries. When __rdma_block_iter_next() reassembles the split SG entries it is overflowing the 32 bit stack values and computed the wrong DMA addresses for blocks after the truncation. Use the right types to hold DMA addresses.
CVSS v3.1 Score
7.8
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS — Exploit Prediction
0.0013
Probability of exploitation
0.03%
Percentile rank
EPSS estimates the probability that this vulnerability will be exploited in the wild within the next 30 days. A higher score means more likely to be exploited.
References
Other References
https://git.kernel.org/stable/c/15fe76e23615f502d051ef0768f86babaf08746c
https://git.kernel.org/stable/c/2ff4b7817e5b78070c30f5fb5e678e452a2628b3
https://git.kernel.org/stable/c/8fe0231adebe086c8a459c790944ac026cd99c6e
https://git.kernel.org/stable/c/ac1aad8e1281534ce936c250f68084fc79c5469e
https://git.kernel.org/stable/c/afd35fec9297195b759078745549c2671223f24f
https://git.kernel.org/stable/c/baf8685bcf56dc1efb44b8f6a57c42516e549068
https://git.kernel.org/stable/c/cc644d5608e3b0dadc970bd6e6aa26b91ea07d0f
https://git.kernel.org/stable/c/dee2a49adeeb2a5e16a3fc858fa21b841c519802
Frequently Asked Questions
What is CVE-2026-53133? +
In the Linux kernel, the following vulnerability has been resolved:
RDMA/umem: Fix truncation for block sizes >= 4G
When the iommu is used the linearization of the mapping can give a single
block that is very large split across multiple SG entries.
When __rdma_block_iter_next() reassembles the split SG entries it is
overflowing the 32 bit stack values and computed the wrong DMA addresses
for blocks after the truncation.
Use the right types to hold DMA addresses. It has a CVSS v3.1 base score of 7.8 (HIGH).
How severe is CVE-2026-53133? +
CVE-2026-53133 has a CVSS v3.1 score of 7.8 out of 10, rated HIGH. This is a high-severity vulnerability that should be prioritized for patching. The EPSS score is 0.0013, placing it in the 0th percentile for exploitation probability.
How do I check if I'm vulnerable to CVE-2026-53133? +
You can use Secably's free Website Scanner to check your website for known vulnerabilities. For infrastructure scanning, use the Port Scanner to identify exposed services that may be affected. Check the vendor advisories linked above for specific patch and version information.