Use-After-Free Vulnerability in Linux Kernel Affecting KVM x86 Products
CVE-2026-53359
What is CVE-2026-53359?
A use-after-free vulnerability has been identified in the KVM x86 module of the Linux kernel, caused by an unexpected role in shadow paging. The issue arises when the host modifies a Page Directory Entry (PDE) mapping from outside a guest virtual machine and subsequently drops a memory slot. The removal of certain entries then fails because the guest frame number (GFN) of the shadow page table entry (SPTE) does not match that of the associated KVM memory management unit (MMU) page, which can lead to a dereference of freed memory. This vulnerability underscores the importance of proper GFN handling and rigorous checks during memory allocations and deallocations within the kernel.
Affected Version(s)
Linux 2032a93d66fa282ba0f2ea9152eeff9511fa9a96
Linux 2032a93d66fa282ba0f2ea9152eeff9511fa9a96 < 9291654d69e08542de37755cebe4d5b02c3170d1
Linux 2032a93d66fa282ba0f2ea9152eeff9511fa9a96 < 2ad3afa40ac6aa340dada122f9abfa46c0a6eb35