2461528 – (CVE-2026-31568) CVE-2026-31568 kernel: s390/mm: Add missing secure storage access fixups for donated memory

Bug 2461528 (CVE-2026-31568) - CVE-2026-31568 kernel: s390/mm: Add missing secure storage access fixups for donated memory

Summary: CVE-2026-31568 kernel: s390/mm: Add missing secure storage access fixups for ...

Keywords:
Status:	NEW
Alias:	CVE-2026-31568
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2026-04-24 15:06 UTC by OSIDB Bzimport
Modified:	2026-04-24 17:58 UTC (History)
CC List:	2 users (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments	(Terms of Use)

Description OSIDB Bzimport 2026-04-24 15:06:43 UTC

In the Linux kernel, the following vulnerability has been resolved:

s390/mm: Add missing secure storage access fixups for donated memory

There are special cases where secure storage access exceptions happen
in a kernel context for pages that don't have the PG_arch_1 bit
set. That bit is set for non-exported guest secure storage (memory)
but is absent on storage donated to the Ultravisor since the kernel
isn't allowed to export donated pages.

Prior to this patch we would try to export the page by calling
arch_make_folio_accessible() which would instantly return since the
arch bit is absent signifying that the page was already exported and
no further action is necessary. This leads to secure storage access
exception loops which can never be resolved.

With this patch we unconditionally try to export and if that fails we
fixup.

Comment 1 Keith Grant 2026-04-24 17:56:22 UTC

Upstream advisory:
https://lore.kernel.org/linux-cve-announce/2026042401-CVE-2026-31568-cefd@gregkh/T

Note You need to log in before you can comment on or make changes to this bug.