In the Linux kernel, the following vulnerability has been resolved:
KVM: s390: pci: fix GAIT table indexing due to double-scaling pointer arithmetic
kvms390pciaifenable(), kvms390pciaifdisable(), and aenhostforward() index the GAIT by manually multiplying the index with sizeof(struct zpci_gaite).
Since aift->gait is already a struct zpci_gaite pointer, this double-scales the offset, accessing element aisb*16 instead of aisb.
This causes out-of-bounds accesses when aisb >= 32 (with ZPCINRDEVICES=512)
Fix by removing the erroneous sizeof multiplication.
{
"osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/52xxx/CVE-2026-52968.json",
"cna_assigner": "Linux"
}