Home / Vulnerability Intelligence / CVE-2026-31553

CVE-2026-31553 - Vulnerability Analysis

HighCVSS: 8.8

Last Updated: April 27, 2026

Linux Kernel KVM arm64 - Memory Corruption

Published: April 24, 2026Updated: April 27, 2026

Overview

Linux kernel KVM arm64 contains a logic error in __kvm_at_swap_desc() caused by incorrect calculation of descriptor virtual addresses, letting attackers potentially cause memory corruption, exploit requires kernel-level access.

Severity & Score

Severity: High

CVSS Score: 8.8

Impact

Attackers with kernel access can cause memory corruption, potentially leading to system instability or privilege escalation.

Mitigation

Update to the latest Linux kernel version with the fix applied.

References

https://git.kernel.org/stable/c/0496acc42fb51eee040b5170cec05cec41385540
https://git.kernel.org/stable/c/4307e05e568782fc92eff651b09ee5dee88a058d

Related Resources

Vulnerability Intelligence Dashboard
Credential Scanner

Details

CVE ID: CVE-2026-31553
Severity: High
CVSS Score: 8.8
Type: undefined
Status: unconfirmed

CVSS Metrics

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H