CVE-2026-53200

HIGH

KVM: arm64: nv: Fix handling of XN[0] when !FEAT_XNX

Title source: cna
STIX 2.1

Description

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: nv: Fix handling of XN[0] when !FEAT_XNX XN has already been extracted from its bitfield position so using FIELD_PREP() on the mask that clears XN[0] is completely broken, having the effect of unconditionally granting execute permissions... Fix the obvious mistake by manipulating the right bit.

Scores

CVSS v3 8.8
EPSS 0.0013
EPSS Percentile 2.9%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Details

Status published
Products (9)
linux/Kernel 6.19.0 - 7.0.13linux
Linux/Linux < 6.19
Linux/Linux 6.19
Linux/Linux 7.0.13 - 7.0.*
Linux/Linux 7.1
Linux/Linux d93febe2ed2e0491af9d47f0ee6d4b01918877f4 - 49b32ddb87a3a109afecea89e55d70f73956b8bc
Linux/Linux d93febe2ed2e0491af9d47f0ee6d4b01918877f4 - b95976c2ea446044553a5f469c0bae13553d75ab
linux/linux_kernel 7.1 rc1 (6 CPE variants)
linux/linux_kernel 6.19 - 7.0.13
Published Jun 25, 2026
Tracked Since Jun 25, 2026