CVE-2026-31569
HIGH EPSS 2.1%
Published Apr 24, 20262mo ago · Modified Jun 17, 20262w ago
7.3 CVSS 3.1
Published Apr 24, 2026 2mo ago
Last Modified Jun 17, 2026 2w ago
Description
In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Handle the case that EIOINTC's coremap is empty EIOINTC's coremap in eiointc_update_sw_coremap() can be empty, currently we get a cpuid with -1 in this case, but we actually need 0 because it's similar as the case that cpuid >= 4. This fix an out-of-bounds access to kvm_arch::phyid_map::phys_map[].
CVSS Details
Base Score
Exploitability
Impact
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:H Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Changed
Confidentiality Low
Integrity None
Availability High
Threat Intelligence
EPSS Exploit Probability
2.1% percentile
Exploit & Patch Status
No Known Exploit
Patch Available
Weaknesses 1
CWE-125 Out-of-bounds Read Memory Safety
Affected Products 10
References 3
- git.kernel.org https://git.kernel.org/stable/c/126053d0a685bf1f2e98db8966386f38b2336338
- git.kernel.org https://git.kernel.org/stable/c/2a0cbcd28ecf6e0b88fa498bebb94bd1be61a7c3
- git.kernel.org https://git.kernel.org/stable/c/b97bd69eb0f67b5f961b304d28e9ba45e202d841
Remediation
- git.kernel.org https://git.kernel.org/stable/c/126053d0a685bf1f2e98db8966386f38b2336338
- git.kernel.org https://git.kernel.org/stable/c/2a0cbcd28ecf6e0b88fa498bebb94bd1be61a7c3
- git.kernel.org https://git.kernel.org/stable/c/b97bd69eb0f67b5f961b304d28e9ba45e202d841