CVE-2026-31568
Awaiting Analysis Awaiting Analysis - Queue

BaseFortify

Vulnerability report for CVE-2026-31568, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-04-24

Last updated on: 2026-04-27

Assigner: kernel.org

Description

In the Linux kernel, the following vulnerability has been resolved: s390/mm: Add missing secure storage access fixups for donated memory There are special cases where secure storage access exceptions happen in a kernel context for pages that don't have the PG_arch_1 bit set. That bit is set for non-exported guest secure storage (memory) but is absent on storage donated to the Ultravisor since the kernel isn't allowed to export donated pages. Prior to this patch we would try to export the page by calling arch_make_folio_accessible() which would instantly return since the arch bit is absent signifying that the page was already exported and no further action is necessary. This leads to secure storage access exception loops which can never be resolved. With this patch we unconditionally try to export and if that fails we fixup.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-04-24
Last Modified
2026-04-27
Generated
2026-07-06
EPSS Evaluated
2026-07-05
NVD

Affected Vendors & Products

Showing 10 associated CPEs
Vendor Product Version / Range
linux linux_kernel 5.7
linux linux_kernel 7.0
linux linux_kernel 7.0
linux linux_kernel 7.0
linux linux_kernel 7.0
linux linux_kernel 7.0
linux linux_kernel 7.0
linux linux_kernel 7.0
linux linux_kernel From 6.19 (inc) to 6.19.11 (exc)
linux linux_kernel From 5.7.1 (inc) to 6.18.21 (exc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-125 The product reads data past the end, or before the beginning, of the intended buffer.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
AI Quick Actions have not been generated yet.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-31568. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart