Description
In the Linux kernel, the following vulnerability has been resolved:

KVM: arm64: nv: Fix handling of XN[0] when !FEAT_XNX

XN has already been extracted from its bitfield position so using
FIELD_PREP() on the mask that clears XN[0] is completely broken, having
the effect of unconditionally granting execute permissions...

Fix the obvious mistake by manipulating the right bit.
Published: 2026-06-25
Score: n/a
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A flaw in the Linux kernel’s KVM memory handling incorrectly clears the XN (execute never) flag for certain pages when the FEAT_XNX feature is not enabled. The bug causes the kernel to unconditionally grant execute permissions to memory that should be non‑executable, effectively allowing any process that can target that memory region to run code that was intended to be protected.

Affected Systems

The issue is limited to Linux kernel implementations that use KVM with arm64 architecture. Any host system running a kernel version containing the flawed code and configured without FEAT_XNX enables the vulnerability.

Risk and Exploitability

No EPSS value is provided and the vulnerability is not listed in CISA KEV, so public exploitation data is not available. The defect could be leveraged by an attacker with the ability to influence KVM memory mapping, allowing execution of arbitrary code within a guest or host context. The absence of an official CVSS score makes it difficult to quantitatively rate severity, but the nature of the flaw suggests a high potential impact if exploited.

Generated by OpenCVE AI on June 25, 2026 at 11:30 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update the Linux kernel to a release that contains the fix for the XN[0] handling bug
  • Ensure that KVM is configured with FEAT_XNX enabled or that memory mappings for guest code are protected by non‑executable attributes
  • Deploy the vendor‑supplied kernel update or apply the official patch directly from the Linux kernel sources if no update has been released yet

Generated by OpenCVE AI on June 25, 2026 at 11:30 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Thu, 25 Jun 2026 12:00:00 +0000

Type Values Removed Values Added
Weaknesses CWE-284

Thu, 25 Jun 2026 09:15:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: nv: Fix handling of XN[0] when !FEAT_XNX XN has already been extracted from its bitfield position so using FIELD_PREP() on the mask that clears XN[0] is completely broken, having the effect of unconditionally granting execute permissions... Fix the obvious mistake by manipulating the right bit.
Title KVM: arm64: nv: Fix handling of XN[0] when !FEAT_XNX
First Time appeared Linux
Linux linux Kernel
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
References

Subscriptions

Linux Linux Kernel
cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-06-25T08:39:08.968Z

Reserved: 2026-06-09T07:44:35.391Z

Link: CVE-2026-53200

cve-icon Vulnrichment

No data.

cve-icon NVD

No data.

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-25T11:45:03Z

Weaknesses