CVE Catalog

CVE-2026-53200

HighCVSS 8.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.13%

3th percentile — higher than 3% of all known CVEs

Summary

A vulnerability was found in the Linux kernel's KVM for ARM64, affecting the handling of the XN[0] bit when FEAT_XNX is not supported. The bug incorrectly uses FIELD_PREP() on the mask that clears XN[0], unconditionally granting execute permissions.

Risk Assessment

The organization faces the risk of unauthorized code execution within virtual machines, potentially leading to privilege escalation and breach of guest-host isolation.

Recommendation

Immediately update the Linux kernel to a version containing the fix (commit correcting the KVM/arm64 bug). Check your distribution for the patch and apply it in production environments.

Original NVD description (English source)

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: nv: Fix handling of XN[0] when !FEAT_XNX XN has already been extracted from its bitfield position so using FIELD_PREP() on the mask that clears XN[0] is completely broken, having the effect of unconditionally granting execute permissions... Fix the obvious mistake by manipulating the right bit.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS