CVE-2026-31553

Published: Apr 24, 2026Modified: Apr 27, 2026

8.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Exploitability: 2.0 / Impact: 6.0

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (Secondary)

Description

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Fix the descriptor address in __kvm_at_swap_desc() Using "(u64 __user *)hva + offset" to get the virtual addresses of S1/S2 descriptors looks really wrong, if offset is not zero. What we want to get for swapping is hva + offset, not hva + offset*8. ;-) Fix it.

Affected (9)

Products: Linux: Linux Kernel

Linux

1 product

Linux Kernel

Configuration A

9 vulnerable

Vulnerable Software	Affected Versions
Linux Linux Kernel	From 6.19.1 to 6.19.11
Linux Linux Kernel	Version 6.19
Linux Linux Kernel	Version 7.0 rc1
Linux Linux Kernel	Version 7.0 rc2
Linux Linux Kernel	Version 7.0 rc3
Linux Linux Kernel	Version 7.0 rc4
Linux Linux Kernel	Version 7.0 rc5
Linux Linux Kernel	Version 7.0 rc6
Linux Linux Kernel	Version 7.0 rc7

References (2)

https://git.kernel.org/stable/c/0496acc42fb51eee040b5170cec05cec41385540

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/4307e05e568782fc92eff651b09ee5dee88a058d

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

Timeline

No history available yet.