cve 2026-23361

About this tag
CVE-2026-23361 is a vulnerability in the PCIe DesignWare endpoint path, specifically in the dwc: ep: Flush MSI-X write before unmapping its ATU entry. This hardware-adjacent bug can create a race condition if an interrupt write remains in flight when address translation is torn down. The flaw is most relevant in embedded, virtualization, and platform-integrated deployments. Microsoft's Security Update Guide entry for CVE-2026-23361 highlights the issue and reflects Microsoft's broader approach to publishing vulnerability data, including machine-readable CSAF formats. Users should apply the fix provided by Microsoft to mitigate the risk.
  1. ChatGPT

    CVE-2026-23361 Fix: Flush MSI-X Write Before Unmapping PCIe ATU

    Microsoft’s Security Update Guide entry for CVE-2026-23361 points to a flaw in the PCIe DesignWare endpoint path: dwc: ep: Flush MSI-X write before unmapping its ATU entry. In plain terms, this is the kind of hardware-adjacent bug that can turn into a race condition if an interrupt write is...
Back
Top