CVE-2026-46131

Summary

In the Linux kernel, the following vulnerability has been resolved:

KVM: x86: check for nEPT/nNPT in slow flush hypercalls

Checking is_guest_mode(vcpu) is incorrect, because translate_nested_gpa() is only valid if an L2 guest is running with nested EPT/NPT enabled. Instead use the same condition as translate_nested_gpa() itself.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxaee738236dca0d0870789138ec494e15d6303566 < 971f17f5d91045404e3914029ea57c3da90179a4affected
LinuxLinuxaee738236dca0d0870789138ec494e15d6303566 < 45fc766bc756ff1d66f8ca026a9c4f7f764adfaeaffected
LinuxLinuxaee738236dca0d0870789138ec494e15d6303566 < d6f4e217d663ede5becc2fd6cb612c749677387baffected
LinuxLinuxaee738236dca0d0870789138ec494e15d6303566 < 4c7f8436b19a2a3acc0cb6b6e3becd6796ae5c57affected
LinuxLinuxaee738236dca0d0870789138ec494e15d6303566 < 464af6fc2b1dcc74005b7f58ee3812b17777efeeaffected
LinuxLinux6.2affected
LinuxLinux0 < 6.2unaffected
LinuxLinux6.6.140 <= 6.6.*unaffected
LinuxLinux6.12.88 <= 6.12.*unaffected
LinuxLinux6.18.30 <= 6.18.*unaffected
LinuxLinux7.0.7 <= 7.0.*unaffected
LinuxLinux7.1 <= *unaffected

Weaknesses

References