ГлавнаяУязвимости → CVE-2026-31553
8.8высокая

CVE-2026-31553

Описание

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Fix the descriptor address in __kvm_at_swap_desc() Using "(u64 __user *)hva + offset" to get the virtual addresses of S1/S2 descriptors looks really wrong, if offset is not zero. What we want to get for swapping is hva + offset, not hva + offset*8. ;-) Fix it.

Затрагиваемое ПО
Linux Linux kernel
CVSS
Балл8.8 — высокая
ВекторCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Источники
https://git.kernel.org/stable/c/0496acc42fb51eee040b5170cec05cec41385540https://git.kernel.org/stable/c/4307e05e568782fc92eff651b09ee5dee88a058d