PT-2026-51862 · Linux · Linux
Published
2026-06-24
·
Updated
2026-06-24
·
CVE-2026-52968
None
No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
In the Linux kernel, the following vulnerability has been resolved:
KVM: s390: pci: fix GAIT table indexing due to double-scaling pointer arithmetic
kvm s390 pci aif enable(), kvm s390 pci aif disable(), and
aen host forward() index the GAIT by manually multiplying the index
with sizeof(struct zpci gaite).
Since aift->gait is already a struct zpci gaite pointer, this
double-scales the offset, accessing element aisb*16 instead of aisb.
This causes out-of-bounds accesses when aisb >= 32 (with
ZPCI NR DEVICES=512)
Fix by removing the erroneous sizeof multiplication.
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Linux