KVM Vulnerability in Linux Kernel Impacting Page Table Management
CVE-2026-53277

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 25 June 2026

What is CVE-2026-53277?

A vulnerability in the KVM component of the Linux Kernel can occur during page table walks, specifically in fault injection and AT emulation processes. Functions such as walk_s1() and kvm_walk_nested_s2() are designed to operate under the protection of the SRCU lock. However, certain operations bypass this safeguard, leading to potential inconsistencies and exposure to memslot changes. The issue has been addressed by ensuring the acquisition of the SRCU lock before executing critical table walks, thus enhancing the security and stability of the virtualized environment.

Affected Version(s)

Linux be04cebf3e78874627dc1042991d5d504464a5cc < 97706097f9b851cfe55c3b00b083dfc2bcf542bc

Linux be04cebf3e78874627dc1042991d5d504464a5cc

References

https://git.kernel.org/stable/c/97706097f9b851cfe55c3b00b...

https://git.kernel.org/stable/c/ec42b4ed1b072ea2d03f08606...

https://git.kernel.org/stable/c/f2ca45b50d4216c9cc7ffabf5...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 25, 2026
Vulnerability Reserved
Jun 9, 2026

CVE-2026-53277 Data

JSON