Vulnerability Details CVE-2026-31553
In the Linux kernel, the following vulnerability has been resolved:
KVM: arm64: Fix the descriptor address in __kvm_at_swap_desc()
Using "(u64 __user *)hva + offset" to get the virtual addresses of S1/S2
descriptors looks really wrong, if offset is not zero. What we want to get
for swapping is hva + offset, not hva + offset*8. ;-)
Fix it.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 5.0%
CVSS Severity
CVSS v3 Score 8.8
References
Products affected by CVE-2026-31553
-
cpe:2.3:o:linux:linux_kernel:6.19
-
cpe:2.3:o:linux:linux_kernel:6.19.1
-
cpe:2.3:o:linux:linux_kernel:6.19.3
-
cpe:2.3:o:linux:linux_kernel:6.19.4
-
cpe:2.3:o:linux:linux_kernel:7.0