CVE-2026-31553

Description

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Fix the descriptor address in __kvm_at_swap_desc() Using "(u64 __user *)hva + offset" to get the virtual addresses of S1/S2 descriptors looks really wrong, if offset is not zero. What we want to get for swapping is hva + offset, not hva + offset*8. ;-) Fix it.

References

• https://git.kernel.org/stable/c/0496acc42fb51eee040b5170cec05cec41385540
• https://git.kernel.org/stable/c/4307e05e568782fc92eff651b09ee5dee88a058d