kvm security

Linux kernel maintainers published CVE-2026-46113 on May 28, 2026, describing a KVM x86 shadow paging use-after-free flaw that can leave stale reverse-map entries after an unexpected guest frame number appears in a shadow page. The bug is ugly not because it has a catchy exploit name, but...

CVE-2026-45987 is a newly published Linux kernel KVM vulnerability, disclosed by kernel.org and listed by NVD on May 27, 2026, involving AMD nested virtualization state handling that can cause an L2 virtual machine to hang after restore or migration. The bug is not a flashy remote-code-execution...

CVE-2026-46071 is a Linux kernel KVM vulnerability published by NVD on May 27, 2026, affecting AMD nested virtualization code where KVM’s nSVM path incorrectly dirtied the LBR clean bit in a guest-owned VMCB during nested VM exit handling. The fix is small, but the signal is not: modern...

CVE-2026-31588 is the kind of Linux kernel flaw that looks tiny in code review and important in production: a narrow KVM x86 MMIO use-after-free triggered by page-splitting emulated writes, userspace exits, and stale stack-backed data. The fix changes how small write values are stored when KVM...

A small but consequential change to the Linux kernel’s KVM VMX path — registered as CVE‑2022‑49610 — closes a theoretical window where the CPU’s Return Stack Buffer (RSB) could underflow between the time the guest’s speculative-control state is set and the actual vmenter instruction, removing a...