CVE-2026-31564

MEDIUM

LoongArch: KVM: Fix base address calculation in kvm_eiointc_regs_access()

Title source: cna

Description

In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Fix base address calculation in kvm_eiointc_regs_access() In function kvm_eiointc_regs_access(), the register base address is caculated from array base address plus offset, the offset is absolute value from the base address. The data type of array base address is u64, it should be converted into the "void *" type and then plus the offset.

References (2)

Core 2

Core References

https://git.kernel.org/stable/c/c4f0a9481cf0dd7c71a07484bc98f2570fdb3a82

https://git.kernel.org/stable/c/6bcfb7f46d667b04bd1a1169ccedf5fb699c60df

Scores

CVSS v3 5.5

EPSS 0.0001

EPSS Percentile 3.1%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Details

Status published

Products (9)

Linux/Linux < 6.19

Linux/Linux 6.19

Linux/Linux 6.19.11 - 6.19.*

Linux/Linux 7.0

Linux/Linux d3e43a1f34acbb9a814337fc5624765538e5a274 - 6bcfb7f46d667b04bd1a1169ccedf5fb699c60df

Linux/Linux d3e43a1f34acbb9a814337fc5624765538e5a274 - c4f0a9481cf0dd7c71a07484bc98f2570fdb3a82

linux/linux_kernel 6.19

linux/linux_kernel 7.0 rc1 (7 CPE variants)

linux/linux_kernel 6.19.1 - 6.19.11

Published Apr 24, 2026

Tracked Since Apr 24, 2026