CVE-2026-53277

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Take the SRCU lock for page table walks in fault injection and AT emulation walk_s1() and kvm_walk_nested_s2() expect to be called while holding kvm->srcu to guard against memslot changes. While this is generally the case, __kvm_at_s12() and __kvm_find_s1_desc_level() call into the respective walkers without taking kvm->srcu. Fix by acquiring kvm->srcu prior to the table walk in both instances.

CVSS

No CVSS.

References

Link	Resource
https://git.kernel.org/stable/c/97706097f9b851cfe55c3b00b083dfc2bcf542bc
https://git.kernel.org/stable/c/ec42b4ed1b072ea2d03f086061aa67bad6d8de39
https://git.kernel.org/stable/c/f2ca45b50d4216c9cc7ffabf50d9ad1932209251

Configurations

No configuration.

History

25 Jun 2026, 09:16

Type	Values Removed	Values Added
New CVE

Information

Published : 2026-06-25 09:16

Updated : 2026-06-25 09:16

NVD link : CVE-2026-53277

Mitre link : CVE-2026-53277

CVE.ORG link : CVE-2026-53277

JSON object : View

Products Affected

No product.

CWE

No CWE.

{"id": "CVE-2026-53277", "cveTags": [], "metrics": {}, "affected": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "affectedData": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "be04cebf3e78874627dc1042991d5d504464a5cc", "lessThan": "97706097f9b851cfe55c3b00b083dfc2bcf542bc", "versionType": "git"}, {"status": "affected", "version": "be04cebf3e78874627dc1042991d5d504464a5cc", "lessThan": "ec42b4ed1b072ea2d03f086061aa67bad6d8de39", "versionType": "git"}, {"status": "affected", "version": "be04cebf3e78874627dc1042991d5d504464a5cc", "lessThan": "f2ca45b50d4216c9cc7ffabf50d9ad1932209251", "versionType": "git"}], "programFiles": ["arch/arm64/kvm/at.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "6.12"}, {"status": "unaffected", "version": "0", "lessThan": "6.12", "versionType": "semver"}, {"status": "unaffected", "version": "6.18.36", "versionType": "semver", "lessThanOrEqual": "6.18.*"}, {"status": "unaffected", "version": "7.0.13", "versionType": "semver", "lessThanOrEqual": "7.0.*"}, {"status": "unaffected", "version": "7.1", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["arch/arm64/kvm/at.c"], "defaultStatus": "affected"}]}], "published": "2026-06-25T09:16:45.897", "references": [{"url": "https://git.kernel.org/stable/c/97706097f9b851cfe55c3b00b083dfc2bcf542bc", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/ec42b4ed1b072ea2d03f086061aa67bad6d8de39", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/f2ca45b50d4216c9cc7ffabf50d9ad1932209251", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}], "vulnStatus": "Received", "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: arm64: Take the SRCU lock for page table walks in fault injection and AT emulation\n\nwalk_s1() and kvm_walk_nested_s2() expect to be called while holding\nkvm->srcu to guard against memslot changes. While this is generally\nthe case, __kvm_at_s12() and __kvm_find_s1_desc_level() call into the\nrespective walkers without taking kvm->srcu.\n\nFix by acquiring kvm->srcu prior to the table walk in both instances."}], "lastModified": "2026-06-25T09:16:45.897", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}