A flaw was found in the Linux kernel. A VMM can inject external interrupts on any arbitrary vector at any time, which may allow the guest OS to be manipulated from the VMM side.
This vulnerability can be mitigated by disabling 32-bit emulation by default for TDX and SEV. The user can override it with the ia32_emulation=y command line option.