CVE-2026-46071 | THREATINT

Description

In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Avoid clearing VMCB_LBR in vmcb12 svm_copy_lbrs() always marks VMCB_LBR dirty in the destination VMCB. However, nested_svm_vmexit() uses it to copy LBRs to vmcb12, and clearing clean bits in vmcb12 is not architecturally defined. Move vmcb_mark_dirty() to callers and drop it for vmcb12. This also facilitates incoming refactoring that does not pass the entire VMCB to svm_copy_lbrs().

PUBLISHED Reserved 2026-05-13 | Published 2026-05-27 | Updated 2026-05-27 | Assigner Linux

Product status

Default status

unaffected

d20c796ca3709801f8a7fa36e8770a3dd8ebd34e (git) before a3f0981a5a0e0bd51ad74cc7d9eed32294b24002

affected

d20c796ca3709801f8a7fa36e8770a3dd8ebd34e (git) before 9efe23568806d1cd06f7d146f9b3037b8d585a9f

affected

d20c796ca3709801f8a7fa36e8770a3dd8ebd34e (git) before b53ab5167a81537777ac780bbd93d32613aa3bda

affected

Default status

affected

5.19

affected

Any version before 5.19

unaffected

6.18.27 (semver)

unaffected

7.0.4 (semver)

unaffected

7.1-rc1 (original_commit_for_fix)

unaffected

References

git.kernel.org/...c/a3f0981a5a0e0bd51ad74cc7d9eed32294b24002

git.kernel.org/...c/9efe23568806d1cd06f7d146f9b3037b8d585a9f

git.kernel.org/...c/b53ab5167a81537777ac780bbd93d32613aa3bda

cve.org (CVE-2026-46071)

nvd.nist.gov (CVE-2026-46071)

Download JSON

help @ threatint.eu