CVE-2026-31569

Published: Apr 24, 2026

Modified: May 11, 2026

PUBLISHED

CVSS v3.1

7.3

HIGH

Description

In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Handle the case that EIOINTC's coremap is empty EIOINTC's coremap in eiointc_update_sw_coremap() can be empty, currently we get a cpuid with -1 in this case, but we actually need 0 because it's similar as the case that cpuid >= 4. This fix an out-of-bounds access to kvm_arch::phyid_map::phys_map[].

Vendor	Product	Versions
Linux	Linux	affected `3956a52bc05bd811082a3c9d2b423ee957e6fefc - < 126053d0a685bf1f2e98db8966386f38b2336338` affected `3956a52bc05bd811082a3c9d2b423ee957e6fefc - < 2a0cbcd28ecf6e0b88fa498bebb94bd1be61a7c3` affected `3956a52bc05bd811082a3c9d2b423ee957e6fefc - < b97bd69eb0f67b5f961b304d28e9ba45e202d841`
Linux	Linux	affected `6.13` unaffected `0 - < 6.13` unaffected `6.18.21 - <= 6.18.` unaffected `6.19.11 - <= 6.19.` unaffected `7.0 - <= *`

CVSS v3.1 Details

CVSS v3.1 Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:H

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Changed

Confidentiality

Low

Integrity

None

Availability

High

References

https://git.kernel.org/stable/c/126053d0a685bf1f2e98db8966386f38b2336338

https://git.kernel.org/stable/c/2a0cbcd28ecf6e0b88fa498bebb94bd1be61a7c3

https://git.kernel.org/stable/c/b97bd69eb0f67b5f961b304d28e9ba45e202d841

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2026-31569

Description

Affected Products

CVSS v3.1 Details

References