CVE-2026-31591
N/A
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
KVM: SEV: Lock all vCPUs when synchronzing VMSAs for SNP launch finish
Lock all vCPUs when synchronizing and encrypting VMSAs for SNP guests, as allowing userspace to manipulate and/or run a vCPU while its state is being synchronized would at best corrupt vCPU state, and at worst crash the host kernel.
Opportunistically assert that vcpu->mutex is held when synchronizing its VMSA (the SEV-ES path already locks vCPUs).
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | ad27ce155566f2b4400fa865859834592bd18777 < 30fd9d8c82087742168db779929d8be0459b0716 | affected |
| Linux | Linux | ad27ce155566f2b4400fa865859834592bd18777 < 4df77742e8b9a6b935bdf46f02fd0aca4d4ee7f5 | affected |
| Linux | Linux | ad27ce155566f2b4400fa865859834592bd18777 < c87938fc7d99a06a7e5477c45b4e5a4148f85d66 | affected |
| Linux | Linux | ad27ce155566f2b4400fa865859834592bd18777 < cb923ee6a80f4e604e6242a4702b59251e61a380 | affected |
| Linux | Linux | 6.11 | affected |
| Linux | Linux | 0 < 6.11 | unaffected |
| Linux | Linux | 6.18.24 <= 6.18.* | unaffected |
| Linux | Linux | 6.19.14 <= 6.19.* | unaffected |
| Linux | Linux | 7.0.1 <= 7.0.* | unaffected |
| Linux | Linux | 7.1 <= * | unaffected |
Weaknesses
References
- https://git.kernel.org/stable/c/30fd9d8c82087742168db779929d8be0459b0716
- https://git.kernel.org/stable/c/4df77742e8b9a6b935bdf46f02fd0aca4d4ee7f5
- https://git.kernel.org/stable/c/c87938fc7d99a06a7e5477c45b4e5a4148f85d66
- https://git.kernel.org/stable/c/cb923ee6a80f4e604e6242a4702b59251e61a380
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.