8.8

CVE-2026-53277

KVM: arm64: Take the SRCU lock for page table walks in fault injection and AT emulation

In the Linux kernel, the following vulnerability has been resolved:

KVM: arm64: Take the SRCU lock for page table walks in fault injection and AT emulation

walk_s1() and kvm_walk_nested_s2() expect to be called while holding
kvm->srcu to guard against memslot changes. While this is generally
the case, __kvm_at_s12() and __kvm_find_s1_desc_level() call into the
respective walkers without taking kvm->srcu.

Fix by acquiring kvm->srcu prior to the table walk in both instances.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 6.12 < 6.18.36
LinuxLinux Kernel Version >= 6.19 < 7.0.13
LinuxLinux Kernel Version7.1 Updaterc1
LinuxLinux Kernel Version7.1 Updaterc2
LinuxLinux Kernel Version7.1 Updaterc3
LinuxLinux Kernel Version7.1 Updaterc4
LinuxLinux Kernel Version7.1 Updaterc5
LinuxLinux Kernel Version7.1 Updaterc6
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.11% 0.018
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
416baaa9-dc9f-4396-8d5f-8c081fb06d67 8.8 2 6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
0b0ca135-0b70-47e7-9f44-1890c2a1c46c 7 1 5.9
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE-662 Improper Synchronization

The product utilizes multiple threads, processes, components, or systems to allow temporary access to a shared resource that can only be exclusive to one process at a time, but it does not properly synchronize these actions, which might cause simultaneous accesses of this resource by multiple threads or processes.

CWE-820 Missing Synchronization

The product utilizes a shared resource in a concurrent manner but does not attempt to synchronize access to the resource.

https://git.kernel.org/stable/c/97706097f9b851cfe55c3b00b083dfc2bcf542bc
Patch
https://git.kernel.org/stable/c/ec42b4ed1b072ea2d03f086061aa67bad6d8de39
Patch
https://git.kernel.org/stable/c/f2ca45b50d4216c9cc7ffabf50d9ad1932209251
Patch
https://bugzilla.redhat.com/show_bug.cgi?id=2492725
Third Party Advisory
Issue Tracking
https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-53277.json
Third Party Advisory
https://access.redhat.com/security/cve/CVE-2026-53277
Third Party Advisory