A small but consequential change to the Linux kernel’s KVM VMX path — registered as CVE‑2022‑49610 — closes a theoretical window where the CPU’s Return Stack Buffer (RSB) could underflow between the time the guest’s speculative-control state is set and the actual vmenter instruction, removing a...