diff --git a/core/modules/comment/src/CommentAccessControlHandler.php b/core/modules/comment/src/CommentAccessControlHandler.php
index bcb0fd7a082b6bee5aa25c9bde70f01575cfafea..6e811a97d31f6ecbeb61526b38f5dce022686c48 100644
--- a/core/modules/comment/src/CommentAccessControlHandler.php
+++ b/core/modules/comment/src/CommentAccessControlHandler.php
@@ -45,7 +45,12 @@ protected function checkAccess(EntityInterface $entity, $operation, AccountInter
         return $access_result;
 
       case 'update':
-        return AccessResult::allowedIf($account->id() && $account->id() == $entity->getOwnerId() && $entity->isPublished() && $account->hasPermission('edit own comments'))->cachePerPermissions()->cachePerUser()->addCacheableDependency($entity);
+        $access_result = AccessResult::allowedIf($account->id() && $account->id() == $entity->getOwnerId() && $entity->isPublished() && $account->hasPermission('edit own comments'))
+          ->cachePerPermissions()->cachePerUser()->addCacheableDependency($entity);
+        if (!$access_result->isAllowed()) {
+          $access_result->setReason("The 'edit own comments' permission is required, the user must be the comment author, and the comment must be published.");
+        }
+        return $access_result;
 
       default:
         // No opinion.
diff --git a/core/modules/rest/tests/src/Functional/EntityResource/Comment/CommentResourceTestBase.php b/core/modules/rest/tests/src/Functional/EntityResource/Comment/CommentResourceTestBase.php
index d3098545cdfe0d06cd14c7a8d75a30fed601937d..768fb742a983000239048728bae19f46b58ff61e 100644
--- a/core/modules/rest/tests/src/Functional/EntityResource/Comment/CommentResourceTestBase.php
+++ b/core/modules/rest/tests/src/Functional/EntityResource/Comment/CommentResourceTestBase.php
@@ -335,6 +335,8 @@ protected function getExpectedUnauthorizedAccessMessage($method) {
         return "The 'access comments' permission is required and the comment must be published.";
       case 'POST';
         return "The 'post comments' permission is required.";
+      case 'PATCH';
+        return "The 'edit own comments' permission is required, the user must be the comment author, and the comment must be published.";
       default:
         return parent::getExpectedUnauthorizedAccessMessage($method);
     }