vmcb lbr

The vmcb lbr tag covers discussions about the VMCB (Virtual Machine Control Block) and LBR (Last Branch Record) clean bit in AMD nested virtualization, particularly in the context of Linux KVM. A notable thread addresses CVE-2026-46071, a vulnerability where KVM's nSVM path incorrectly dirtied the LBR clean bit in a guest-owned VMCB during nested VM exit handling. While this is a Linux kernel issue, it affects Windows workloads running on Linux/KVM infrastructure, including developer laptops, CI farms, and private clouds. The tag focuses on virtualization security, architectural boundaries in hypervisors, and the implications for nested virtualization stacks.