{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-31564", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2026-03-09T15:48:24.117Z", "datePublished": "2026-04-24T14:35:45.302Z", "dateUpdated": "2026-04-24T14:35:45.302Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-04-24T14:35:45.302Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nLoongArch: KVM: Fix base address calculation in kvm_eiointc_regs_access()\n\nIn function kvm_eiointc_regs_access(), the register base address is\ncaculated from array base address plus offset, the offset is absolute\nvalue from the base address. The data type of array base address is\nu64, it should be converted into the \"void *\" type and then plus the\noffset."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["arch/loongarch/kvm/intc/eiointc.c"], "versions": [{"version": "d3e43a1f34acbb9a814337fc5624765538e5a274", "lessThan": "c4f0a9481cf0dd7c71a07484bc98f2570fdb3a82", "status": "affected", "versionType": "git"}, {"version": "d3e43a1f34acbb9a814337fc5624765538e5a274", "lessThan": "6bcfb7f46d667b04bd1a1169ccedf5fb699c60df", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["arch/loongarch/kvm/intc/eiointc.c"], "versions": [{"version": "6.19", "status": "affected"}, {"version": "0", "lessThan": "6.19", "status": "unaffected", "versionType": "semver"}, {"version": "6.19.11", "lessThanOrEqual": "6.19.*", "status": "unaffected", "versionType": "semver"}, {"version": "7.0", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.19", "versionEndExcluding": "6.19.11"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.19", "versionEndExcluding": "7.0"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/c4f0a9481cf0dd7c71a07484bc98f2570fdb3a82"}, {"url": "https://git.kernel.org/stable/c/6bcfb7f46d667b04bd1a1169ccedf5fb699c60df"}], "title": "LoongArch: KVM: Fix base address calculation in kvm_eiointc_regs_access()", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nLoongArch: KVM: Fix base address calculation in kvm_eiointc_regs_access()\n\nIn function kvm_eiointc_regs_access(), the register base address is\ncaculated from array base address plus offset, the offset is absolute\nvalue from the base address. The data type of array base address is\nu64, it should be converted into the \"void *\" type and then plus the\noffset."}], "id": "CVE-2026-31564", "lastModified": "2026-04-24T17:51:40.810", "metrics": {}, "published": "2026-04-24T15:16:30.850", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/6bcfb7f46d667b04bd1a1169ccedf5fb699c60df"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/c4f0a9481cf0dd7c71a07484bc98f2570fdb3a82"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Awaiting Analysis"}

{}

{}