4 matches found
CVE-2025-68810
The CVE describes a Linux kernel KVM memory slot issue: once a memslot is created with a guest_memfd binding, toggling the KVM_MEM_GUEST_MEMFD flag on that existing slot is not supported. Enables are blocked, but clearing the flag is not, which can lead to a use-after-free when KVM fails to unb...
CVE-2025-40274
In the Linux kernel, the following vulnerability has been resolved: KVM: guest_memfd: Remove bindings on memslot deletion when gmem is dying. When unbinding a memslot from a guest_memfd instance, remove the bindings even if the guest_memfd file is dying, i.e. even if its file refcount has gone to zer...
CVE-2025-40274 KVM: guest_memfd: Remove bindings on memslot deletion when gmem is dying
In the Linux kernel, the following vulnerability has been resolved: KVM: guest_memfd: Remove bindings on memslot deletion when gmem is dying. When unbinding a memslot from a guest_memfd instance, remove the bindings even if the guest_memfd file is dying, i.e. even if its file refcount has gone to zer...
CVE-2025-38396
In the Linux kernel, the following vulnerability has been resolved: fs: export anon_inode_make_secure_inode and fix secretmem LSM bypass. Export anon_inode_make_secure_inode to allow KVM guest_memfd to create anonymous inodes with proper security context. This replaces the current pattern of calling...