7.1

CVE-2026-31568

EPSS 0.01%
Veröffentlicht 24.04.2026 14:35:48
Zuletzt bearbeitet 27.04.2026 20:32:54
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

s390/mm: Add missing secure storage access fixups for donated memory

In the Linux kernel, the following vulnerability has been resolved:

s390/mm: Add missing secure storage access fixups for donated memory

There are special cases where secure storage access exceptions happen
in a kernel context for pages that don't have the PG_arch_1 bit
set. That bit is set for non-exported guest secure storage (memory)
but is absent on storage donated to the Ultravisor since the kernel
isn't allowed to export donated pages.

Prior to this patch we would try to export the page by calling
arch_make_folio_accessible() which would instantly return since the
arch bit is absent signifying that the page was already exported and
no further action is necessary. This leads to secure storage access
exception loops which can never be resolved.

With this patch we unconditionally try to export and if that fails we
fixup.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 6

NVD 10 VulnDex Vulnerability Enrichment 10

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version >= 5.7.1 < 6.18.21

Linux ≫ Linux Kernel Version >= 6.19 < 6.19.11

Linux ≫ Linux Kernel Version5.7 Update-

Linux ≫ Linux Kernel Version7.0 Updaterc1

Linux ≫ Linux Kernel Version7.0 Updaterc2

Linux ≫ Linux Kernel Version7.0 Updaterc3

Linux ≫ Linux Kernel Version7.0 Updaterc4

Linux ≫ Linux Kernel Version7.0 Updaterc5

Linux ≫ Linux Kernel Version7.0 Updaterc6

Linux ≫ Linux Kernel Version7.0 Updaterc7

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.01%	0.022

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.1	1.8	5.2	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

CWE-125 Out-of-bounds Read

The product reads data past the end, or before the beginning, of the intended buffer.

https://git.kernel.org/stable/c/b36b0e804aee5f20c6798dbeaeaa7cfdb7c6cf88

Patch

https://git.kernel.org/stable/c/43ac2d18db1131df0a89993f709131ebfc29f3bd

Patch

https://git.kernel.org/stable/c/b00be77302d7ec4ad0367bb236494fce7172b730

Patch

https://nvd.nist.gov/vuln/detail/CVE-2026-31568

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2026-31568

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2026-31568

EUVD