CVE-2026-53277
Received - Intake
KVM: arm64 SRCU Lock Missing in Page Table Walks

Publication date: 2026-06-25

Last updated on: 2026-06-25

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved:

KVM: arm64: Take the SRCU lock for page table walks in fault injection and AT emulation

walk_s1() and kvm_walk_nested_s2() expect to be called while holding kvm->srcu to guard against memslot changes. While this is generally the case, __kvm_at_s12() and __kvm_find_s1_desc_level() call into the respective walkers without taking kvm->srcu.

Fix by acquiring kvm->srcu prior to the table walk in both instances.

Affected Vendors & Products

Vendor | Product | Version / Range
linux | linux_kernel | *

CWE ID: CWE-UNKNOWN

Executive Summary

This vulnerability is in the Linux kernel's KVM (Kernel-based Virtual Machine) code for the arm64 architecture. The page table walkers walk_s1() and kvm_walk_nested_s2() expect their caller to hold the SRCU lock (kvm->srcu), which guards against changes in memory slots. Two callers used in fault injection and address translation emulation, __kvm_at_s12() and __kvm_find_s1_desc_level(), invoke these walkers without acquiring the lock, so those page table walks are not protected against concurrent memslot changes.

The fix involves acquiring the SRCU lock (kvm->srcu) before performing the page table walk in these instances to ensure proper synchronization and prevent potential issues.

Impact Analysis

This vulnerability is a locking omission in the Linux kernel's KVM subsystem for arm64, in the page table walks performed during fault injection and address translation emulation. Certain functions call the page table walkers without holding the required SRCU lock, which is intended to guard against memory slot changes. This could lead to race conditions or inconsistent memory state during virtualization operations.

The impact could include instability or incorrect behavior in virtualized environments running on affected Linux kernels, possibly leading to crashes or security issues related to memory management in KVM.
