CVE-2026-31569

A flaw was found in the Linux kernel's Kernel-based Virtual Machine (KVM) component. When a specific internal data structure, known as EIOINTC's coremap, is empty, the system incorrectly processes a processor ID. This error can lead to an out-of-bounds memory access, meaning the system tries to read or write data beyond its allocated memory space. Such an issue could result in system instability, causing the system to crash, or potentially lead to the disclosure of sensitive information.