CVE-2026-31569 | THREATINT

Description

In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Handle the case that EIOINTC's coremap is empty EIOINTC's coremap in eiointc_update_sw_coremap() can be empty, currently we get a cpuid with -1 in this case, but we actually need 0 because it's similar as the case that cpuid >= 4. This fix an out-of-bounds access to kvm_arch::phyid_map::phys_map[].

PUBLISHED Reserved 2026-03-09 | Published 2026-04-24 | Updated 2026-04-27 | Assigner Linux

HIGH: 7.3CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:H

Product status

Default status

unaffected

3956a52bc05bd811082a3c9d2b423ee957e6fefc (git) before 126053d0a685bf1f2e98db8966386f38b2336338

affected

3956a52bc05bd811082a3c9d2b423ee957e6fefc (git) before 2a0cbcd28ecf6e0b88fa498bebb94bd1be61a7c3

affected

3956a52bc05bd811082a3c9d2b423ee957e6fefc (git) before b97bd69eb0f67b5f961b304d28e9ba45e202d841

affected

Default status

affected

6.13

affected

Any version before 6.13

unaffected

6.18.21 (semver)

unaffected

6.19.11 (semver)

unaffected

7.0 (original_commit_for_fix)

unaffected

References

git.kernel.org/...c/126053d0a685bf1f2e98db8966386f38b2336338

git.kernel.org/...c/2a0cbcd28ecf6e0b88fa498bebb94bd1be61a7c3

git.kernel.org/...c/b97bd69eb0f67b5f961b304d28e9ba45e202d841

cve.org (CVE-2026-31569)

nvd.nist.gov (CVE-2026-31569)

Download JSON

help @ threatint.eu