CVE-2026-46131

Published: May 28, 2026

Modified: May 28, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: check for nEPT/nNPT in slow flush hypercalls Checking is_guest_mode(vcpu) is incorrect, because translate_nested_gpa() is only valid if an L2 guest is running *with nested EPT/NPT enabled*. Instead use the same condition as translate_nested_gpa() itself.

Vendor	Product	Versions
Linux	Linux	affected `aee738236dca0d0870789138ec494e15d6303566 - < 971f17f5d91045404e3914029ea57c3da90179a4` affected `aee738236dca0d0870789138ec494e15d6303566 - < 45fc766bc756ff1d66f8ca026a9c4f7f764adfae` affected `aee738236dca0d0870789138ec494e15d6303566 - < d6f4e217d663ede5becc2fd6cb612c749677387b` affected `aee738236dca0d0870789138ec494e15d6303566 - < 4c7f8436b19a2a3acc0cb6b6e3becd6796ae5c57` affected `aee738236dca0d0870789138ec494e15d6303566 - < 464af6fc2b1dcc74005b7f58ee3812b17777efee`
Linux	Linux	affected `6.2` unaffected `0 - < 6.2` unaffected `6.6.140 - <= 6.6.` unaffected `6.12.88 - <= 6.12.` unaffected `6.18.30 - <= 6.18.*` +2 more versions

References

https://git.kernel.org/stable/c/971f17f5d91045404e3914029ea57c3da90179a4

https://git.kernel.org/stable/c/45fc766bc756ff1d66f8ca026a9c4f7f764adfae

https://git.kernel.org/stable/c/d6f4e217d663ede5becc2fd6cb612c749677387b

https://git.kernel.org/stable/c/4c7f8436b19a2a3acc0cb6b6e3becd6796ae5c57

https://git.kernel.org/stable/c/464af6fc2b1dcc74005b7f58ee3812b17777efee

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2026-46131

Description

Affected Products

References