VYPR
← All advisories
High severity7.3NVD Advisory· Published Apr 24, 2026· Updated Apr 27, 2026

CVE-2026-31569

CVE-2026-31569

Description

In the Linux kernel, the following vulnerability has been resolved:

LoongArch: KVM: Handle the case that EIOINTC's coremap is empty

EIOINTC's coremap in eiointc_update_sw_coremap() can be empty, currently we get a cpuid with -1 in this case, but we actually need 0 because it's similar as the case that cpuid >= 4.

This fix an out-of-bounds access to kvm_arch::phyid_map::phys_map[].

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

In the Linux kernel, a missing check for an empty coremap in LoongArch KVM's EIOINTC emulation leads to an out-of-bounds array access.

Vulnerability

Overview

A flaw was discovered in the Linux kernel's KVM subsystem for the LoongArch architecture. The function eiointc_update_sw_coremap() in the EIOINTC (External I/O Interrupt Controller) emulation can encounter a situation where the coremap is empty. When this occurs, the code incorrectly derives a CPU ID of -1, which is then used as an index into the kvm_arch::phyid_map::phys_map[] array. This results in an out-of-bounds memory access [1].

Exploitation and

Impact

An attacker with the ability to trigger the empty coremap condition within a KVM guest on a LoongArch host could cause the KVM host to read or write memory outside the intended for other kernel structures. The out-of-bounds access can lead to a denial of service (system crash) or potentially information disclosure. The vulnerability is triggered during interrupt controller emulation, which is a routine part of guest operations, making it reachable from a guest VM [1].

Mitigation

The fix, which has been applied to the stable kernel tree, ensures that when the coremap is empty, the code uses a CPU ID of 0 instead of -1, preventing the out-of-bounds access. This patch is included in the referenced commits [1][2][3]. Users should update their Linux kernel to a version containing this fix to mitigate the vulnerability.

References
  1. Making sure you're not a bot!
  2. Making sure you're not a bot!
  3. Making sure you're not a bot!

AI Insight generated on May 18, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

10
  • Linux/Kernel9 versions
    cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*+ 8 more
    • cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*range: >=6.13.1,<6.18.21
    • cpe:2.3:o:linux:linux_kernel:6.13:-:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:7.0:rc1:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:7.0:rc2:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:7.0:rc3:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:7.0:rc4:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:7.0:rc5:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:7.0:rc6:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:7.0:rc7:*:*:*:*:*:*
  • Linux/Linux Kernel Rtllm-fuzzy

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

3

News mentions

0

No linked articles in our index yet.