CVE-2026-31553

In the Linux kernel, the following vulnerability has been resolved:

KVM: arm64: Fix the descriptor address in __kvm_at_swap_desc()

Using “(u64 __user *)hva + offset” to get the virtual addresses of S1/S2
descriptors looks really wrong, if offset is not zero. What we want to get
for swapping is hva + offset, not hva + offset*8. 😉

Fix it.

More information : https://git.kernel.org/stable/c/0496acc42fb51eee040b5170cec05cec41385540