CVE-2026-46071

Published: May 27, 2026

Modified: May 27, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Avoid clearing VMCB_LBR in vmcb12 svm_copy_lbrs() always marks VMCB_LBR dirty in the destination VMCB. However, nested_svm_vmexit() uses it to copy LBRs to vmcb12, and clearing clean bits in vmcb12 is not architecturally defined. Move vmcb_mark_dirty() to callers and drop it for vmcb12. This also facilitates incoming refactoring that does not pass the entire VMCB to svm_copy_lbrs().

Vendor	Product	Versions
Linux	Linux	affected `d20c796ca3709801f8a7fa36e8770a3dd8ebd34e - < a3f0981a5a0e0bd51ad74cc7d9eed32294b24002` affected `d20c796ca3709801f8a7fa36e8770a3dd8ebd34e - < 9efe23568806d1cd06f7d146f9b3037b8d585a9f` affected `d20c796ca3709801f8a7fa36e8770a3dd8ebd34e - < b53ab5167a81537777ac780bbd93d32613aa3bda`
Linux	Linux	affected `5.19` unaffected `0 - < 5.19` unaffected `6.18.27 - <= 6.18.` unaffected `7.0.4 - <= 7.0.` unaffected `7.1-rc1 - <= *`

References

https://git.kernel.org/stable/c/a3f0981a5a0e0bd51ad74cc7d9eed32294b24002

https://git.kernel.org/stable/c/9efe23568806d1cd06f7d146f9b3037b8d585a9f

https://git.kernel.org/stable/c/b53ab5167a81537777ac780bbd93d32613aa3bda

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2026-46071

Description

Affected Products

References