-
CVE-2026-52968
- EPSS 0.18%
- Veröffentlicht 24.06.2026 16:28:47
- Zuletzt bearbeitet 10.07.2026 19:24:19
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
KVM: s390: pci: fix GAIT table indexing due to double-scaling pointer arithmetic
In the Linux kernel, the following vulnerability has been resolved: KVM: s390: pci: fix GAIT table indexing due to double-scaling pointer arithmetic kvm_s390_pci_aif_enable(), kvm_s390_pci_aif_disable(), and aen_host_forward() index the GAIT by manually multiplying the index with sizeof(struct zpci_gaite). Since aift->gait is already a struct zpci_gaite pointer, this double-scales the offset, accessing element aisb*16 instead of aisb. This causes out-of-bounds accesses when aisb >= 32 (with ZPCI_NR_DEVICES=512) Fix by removing the erroneous sizeof multiplication.
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerLinux
≫
Produkt
Linux
Default Statusunaffected
Version
73f91b004321f2510fa79e66035dbbf1870fcf56
Version <
31a9d9f9942885aae356a1a57c79e82c5b5b0828
Status
affected
Version
73f91b004321f2510fa79e66035dbbf1870fcf56
Version <
a99a25db131ece5e6c0f7632da606de631efe4f2
Status
affected
Version
73f91b004321f2510fa79e66035dbbf1870fcf56
Version <
11b8ff5b930b351dd1f6f088dce0beb027ac92d0
Status
affected
Version
73f91b004321f2510fa79e66035dbbf1870fcf56
Version <
b22a2da8792a7bfe743c1a922e77fa499ddedbe8
Status
affected
Version
73f91b004321f2510fa79e66035dbbf1870fcf56
Version <
e7216651b94e92e5433fb2f54b77864642b4ea48
Status
affected
Version
73f91b004321f2510fa79e66035dbbf1870fcf56
Version <
16d990a15491cf76cd6eef0846e1b4100e63261a
Status
affected
HerstellerLinux
≫
Produkt
Linux
Default Statusaffected
Version
6.0
Status
affected
Version
0
Version <
6.0
Status
unaffected
Version <=
6.1.*
Version
6.1.175
Status
unaffected
Version <=
6.6.*
Version
6.6.141
Status
unaffected
Version <=
6.12.*
Version
6.12.91
Status
unaffected
Version <=
6.18.*
Version
6.18.33
Status
unaffected
Version <=
7.0.*
Version
7.0.10
Status
unaffected
Version <=
*
Version
7.1
Status
unaffected
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.18% | 0.078 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|
https://git.kernel.org/stable/c/31a9d9f9942885aae356a1a57c79e82c5b5b0828
https://git.kernel.org/stable/c/a99a25db131ece5e6c0f7632da606de631efe4f2
https://git.kernel.org/stable/c/11b8ff5b930b351dd1f6f088dce0beb027ac92d0
https://git.kernel.org/stable/c/b22a2da8792a7bfe743c1a922e77fa499ddedbe8
https://git.kernel.org/stable/c/e7216651b94e92e5433fb2f54b77864642b4ea48
https://git.kernel.org/stable/c/16d990a15491cf76cd6eef0846e1b4100e63261a