Linux · Linux Kernel · CVE-2024-56668
**Name of the Vulnerable Software and Affected Versions**
Linux kernel versions prior to 6.13.0-rc1-00028-g4b50c3c3b998-dirty
**Description**
A NULL pointer dereference issue has been resolved in the Linux kernel's iommu/vt-d component. The issue occurs when trying to map pages to a nested parent domain, resulting in a NULL dereference. Additionally, there is a potential memory leak due to the lack of a lock around the `domain->qi_batch` allocation. The issue is fixed by adding a helper for `qi_batch` allocation and calling it in both the `__cache_tag_assign_domain()` and `__cache_tag_assign_parent_domain()` functions.
**Recommendations**
To resolve the issue, update to a version of the Linux kernel that includes the fix for the `qi_batch` NULL pointer dereference.
As a temporary workaround, consider disabling the `iommu_map()` function until a patch is available.
Restrict access to the `intel_iommu_iotlb_sync_map()` function to minimize the risk of exploitation.
Avoid using the `domain->qi_batch` variable in the affected API endpoints until the issue is resolved.
Apply the patch that adds a helper for `qi_batch` allocation and calls it in both the `__cache_tag_assign_domain()` and `__cache_tag_assign_parent_domain()` functions.
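
The allocation pattern the description refers to, as a userspace model added here for illustration; it is not the kernel patch or kernel code. Every name except `qi_batch` is hypothetical, and an `atomic_flag` spin stands in for the domain's lock.

```c
/* Userspace model, not kernel code; names other than qi_batch are hypothetical. */
#include <stdatomic.h>
#include <stdio.h>
#include <stdlib.h>
struct qi_batch { unsigned int index; };
struct domain {
    atomic_flag lock;            /* stands in for the domain's lock */
    struct qi_batch *qi_batch;   /* NULL until allocated */
    int allocs;                  /* instrumentation: allocations made */
};
#define DOMAIN_INIT { ATOMIC_FLAG_INIT, NULL, 0 }

/* Shared helper: check and allocate under the lock, so a caller never replaces (leaks) a batch. */
static int qi_batch_alloc(struct domain *d)
{
    int ret = 0;
    while (atomic_flag_test_and_set(&d->lock)) ;   /* spin until acquired */
    if (!d->qi_batch) {
        d->qi_batch = calloc(1, sizeof(*d->qi_batch));
        if (d->qi_batch) d->allocs++; else ret = -1;
    }
    atomic_flag_clear(&d->lock);
    return ret;
}

/* Pre-fix shape of the nested parent path: the allocation step is missing. */
static int assign_parent_old(struct domain *d) { (void)d; return 0; }
/* Fixed shape: both assignment paths go through the same helper. */
static int assign_domain_fixed(struct domain *d) { return qi_batch_alloc(d); }
static int assign_parent_fixed(struct domain *d) { return qi_batch_alloc(d); }

/* Map path: the model returns -1 at the point where the kernel dereferenced NULL. */
static int map_sync(struct domain *d)
{
    if (!d->qi_batch) return -1;
    d->qi_batch->index++;
    return 0;
}

int main(void)
{
    struct domain d = DOMAIN_INIT;
    assign_parent_old(&d);
    printf("old parent path: map_sync=%d\n", map_sync(&d));
    assign_parent_fixed(&d);
    assign_domain_fixed(&d);   /* second call finds the batch already present */
    printf("fixed paths: map_sync=%d allocs=%d\n", map_sync(&d), d.allocs);
    free(d.qi_batch);
}
```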