Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
8.4
Linux Kernel Vulnerability: Privilege Escalation Through Memory Corruption
CVE-2026-0029
Summary
A bug in the Linux kernel's pkvm module allows attackers to take control of the system without needing extra permissions. This can happen without any user interaction, making it a significant security concern. To mitigate this risk, update your Linux system to the latest version of the kernel or apply a patch if available.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| android | All versions | – |
Original title
In __pkvm_init_vm of pkvm.c, there is a possible memory corruption due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed....
Original description
In __pkvm_init_vm of pkvm.c, there is a possible memory corruption due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
nvd CVSS3.1
8.4
Vulnerability type
CWE-269
Improper Privilege Management
- https://android.googlesource.com/kernel/common/+/42eff3b2fd3a906ac8cdb6284d3265b... Patch Product
- https://android.googlesource.com/kernel/common/+/749cf1743eb22eff1851c68a533147e... Patch Product
- https://android.googlesource.com/kernel/common/+/ae242b26371808a221578b89c937568... Patch Product
- https://source.android.com/docs/security/bulletin/2026/2026-03-01
Published: 2 Mar 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026