{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-31568", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2026-03-09T15:48:24.117Z", "datePublished": "2026-04-24T14:35:48.125Z", "dateUpdated": "2026-04-24T14:35:48.125Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-04-24T14:35:48.125Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/mm: Add missing secure storage access fixups for donated memory\n\nThere are special cases where secure storage access exceptions happen\nin a kernel context for pages that don't have the PG_arch_1 bit\nset. That bit is set for non-exported guest secure storage (memory)\nbut is absent on storage donated to the Ultravisor since the kernel\nisn't allowed to export donated pages.\n\nPrior to this patch we would try to export the page by calling\narch_make_folio_accessible() which would instantly return since the\narch bit is absent signifying that the page was already exported and\nno further action is necessary. This leads to secure storage access\nexception loops which can never be resolved.\n\nWith this patch we unconditionally try to export and if that fails we\nfixup."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["arch/s390/mm/fault.c"], "versions": [{"version": "084ea4d611a3d00ee3930400b262240e10895900", "lessThan": "b36b0e804aee5f20c6798dbeaeaa7cfdb7c6cf88", "status": "affected", "versionType": "git"}, {"version": "084ea4d611a3d00ee3930400b262240e10895900", "lessThan": "43ac2d18db1131df0a89993f709131ebfc29f3bd", "status": "affected", "versionType": "git"}, {"version": "084ea4d611a3d00ee3930400b262240e10895900", "lessThan": "b00be77302d7ec4ad0367bb236494fce7172b730", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["arch/s390/mm/fault.c"], "versions": [{"version": "5.7", "status": "affected"}, {"version": "0", "lessThan": "5.7", "status": "unaffected", "versionType": "semver"}, {"version": "6.18.21", "lessThanOrEqual": "6.18.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.19.11", "lessThanOrEqual": "6.19.*", "status": "unaffected", "versionType": "semver"}, {"version": "7.0", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.7", "versionEndExcluding": "6.18.21"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.7", "versionEndExcluding": "6.19.11"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.7", "versionEndExcluding": "7.0"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/b36b0e804aee5f20c6798dbeaeaa7cfdb7c6cf88"}, {"url": "https://git.kernel.org/stable/c/43ac2d18db1131df0a89993f709131ebfc29f3bd"}, {"url": "https://git.kernel.org/stable/c/b00be77302d7ec4ad0367bb236494fce7172b730"}], "title": "s390/mm: Add missing secure storage access fixups for donated memory", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/mm: Add missing secure storage access fixups for donated memory\n\nThere are special cases where secure storage access exceptions happen\nin a kernel context for pages that don't have the PG_arch_1 bit\nset. That bit is set for non-exported guest secure storage (memory)\nbut is absent on storage donated to the Ultravisor since the kernel\nisn't allowed to export donated pages.\n\nPrior to this patch we would try to export the page by calling\narch_make_folio_accessible() which would instantly return since the\narch bit is absent signifying that the page was already exported and\nno further action is necessary. This leads to secure storage access\nexception loops which can never be resolved.\n\nWith this patch we unconditionally try to export and if that fails we\nfixup."}], "id": "CVE-2026-31568", "lastModified": "2026-04-24T17:51:40.810", "metrics": {}, "published": "2026-04-24T15:16:31.313", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/43ac2d18db1131df0a89993f709131ebfc29f3bd"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/b00be77302d7ec4ad0367bb236494fce7172b730"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/b36b0e804aee5f20c6798dbeaeaa7cfdb7c6cf88"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Awaiting Analysis"}

{"bugzilla": {"description": "kernel: s390/mm: Add missing secure storage access fixups for donated memory", "id": "2461528", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461528"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-248", "details": ["A flaw was found in the Linux kernel. This vulnerability, located in the s390/mm component, is due to missing secure storage access fixups for memory donated to the Ultravisor. When secure storage access exceptions occur for such memory, the kernel can enter an unresolvable loop. This can lead to a system hang or crash, resulting in a Denial of Service (DoS)."], "name": "CVE-2026-31568", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Fix deferred", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2026-04-24T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-31568\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-31568\nhttps://lore.kernel.org/linux-cve-announce/2026042401-CVE-2026-31568-cefd@gregkh/T"], "threat_severity": "Moderate"}

{}