Linux Kernel IOMMU Context Entry Setup Vulnerability for PCI Aliased Devices

Vulnerability

A vulnerability in the Linux kernel's IOMMU VT-d implementation has been addressed, which affected PCI aliased devices behind PCIe-to-PCI bridges. The issue arose from a change in the context entry setup order during domain attachment, leading to a regression where keyboards and touchpads stopped functioning on several Apple MacBook models. This disruption was caused by the IOMMU failing to properly manage device access, as indicated by fault messages related to read access permissions.

Impact

The vulnerability caused input devices, specifically keyboards and touchpads, to malfunction on affected Apple MacBook models.

Added: Jul 4, 2025, 2:55 PM

Updated: Jul 4, 2025, 2:55 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

0.0

relevance

0.2

threat

3.2

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

0.0

relevance

0.2

threat

3.2

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel IOMMU Context Entry Setup Vulnerability for PCI Aliased Devices

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating