UBUNTU-CVE-2026-46295

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Do IRR scan in kvmapicupdateirr even if PIR is empty Fall back to apicfindhighestvector when PID.ON is set but PIR turns out to be empty, to correctly report the highest pending interrupt from the existing IRR. In a...

SUSE CVE-2026-45894

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Clear Present bit before tearing down PASID entry The Intel VT-d Scalable Mode PASID table entry consists of 512 bits 64 bytes. When tearing down an entry, the current implementation zeros the entire 64-byte structure...

CVE-2026-45894

A flaw was found in the Linux kernel's Intel VT-d Virtualization Technology for Directed I/O Scalable Mode. When a Process Address Space ID PASID table entry is being removed, the system may attempt to clear the entry before properly signaling to the hardware that the entry is no longer active...

CVE-2026-46014

In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Add missing save/restore handling of LBR MSRs MSRIA32DEBUGCTLMSR and LBR MSRs are currently not enumerated by KVMGETMSRINDEXLIST, and LBR MSRs cannot be set with KVMSETMSRS. So save/restore is completely broken. Fix it ...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the Intel VT-d driver failing to clear the Present bit before deleting PASID table entries. This...

CVE-2026-45894

iommu/vt-d: Clear Present bit before tearing down PASID entry...

PT-2026-43811

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the iommu/vt-d component where tearing down a context entry involves zeroing a 128-bit entry using multiple 64-bit writes. This process can create a window where...

PT-2026-43761

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the Intel VT-d Scalable Mode PASID table entry handling. The current implementation zeros the entire 64-byte structure immediately using multiple 64-bit writes when...

SUSE CVE-2026-43161

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Skip dev-iotlb flush for inaccessible PCIe device without scalable mode PCIe endpoints with ATS enabled and passed through to userspace e.g., QEMU, DPDK can hard-lock the host when their link drops, either by surprise...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerability has been resolved: KVM: VMX – Prevent RSB underflow before vmenter On VMX, there is some timing balance between the time the guest’s SPECCTRL value is written and the vmenter. Balanced returns matched by a preceding call are usually acceptable...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002567)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002567 advisory. The handleinvept function in arch/x86/kvm/vmx.c in the Linux kernel 3.12 through 3.15 allows privileged KVM guest OS users to cause a denial of service NULL pointer...

SUSE CVE-2023-53756

In the Linux kernel, the following vulnerability has been resolved: KVM: VMX: Fix crash due to uninitialized currentvmcs KVM enables 'Enlightened VMCS' and 'Enlightened MSR Bitmap' when running as a nested hypervisor on top of Hyper-V. When MSR bitmap is updated, evmcstouchmsrbitmap function uses...

PT-2025-49486

In the Linux kernel, the following vulnerability has been resolved: KVM: VMX: Fix crash due to uninitialized current vmcs KVM enables 'Enlightened VMCS' and 'Enlightened MSR Bitmap' when running as a nested hypervisor on top of Hyper-V. When MSR bitmap is updated, evmcs touch msr bitmap function...

kernel: iommu/vt-d: Disallow dirty tracking if incoherent page walk

A flaw was found in the Intel VT-d IOMMU support in the Linux kernel. When an IOMMU is configured to perform dirty-page tracking, but the page-walk memory region is incoherent between the IOMMU and CPU, the hardware may attempt to atomically update the bits in a paging-structure entry that is not...

KVM: VMX: Do _all_ initialization before exposing /dev/kvm to userspace

...

CVE-2025-40058

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Disallow dirty tracking if incoherent page walk Dirty page tracking relies on the IOMMU atomically updating the dirty bit in the paging-structure entry. For this operation to succeed, the paging- structure memory must...

Linux Distros Unpatched Vulnerability : CVE-2023-45745

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper input validation in some IntelR TDX module software before version 1.5.05.46.698 may allow a privileged user to potentially enable escalation of...

Linux Distros Unpatched Vulnerability : CVE-2022-42327

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - x86: unintended memory sharing between guests On Intel systems that support the virtualize APIC accesses feature, a guest can read and write the global shared...

UBUNTU-CVE-2022-49932

In the Linux kernel, the following vulnerability has been resolved: KVM: VMX: Do all initialization before exposing /dev/kvm to userspace Call kvminit only after all setup is complete, as kvminit exposes /dev/kvm to userspace and thus allows userspace to create VMs and call other ioctls. E.g. KVM...

kernel: iommu/vt-d: Fix WARN_ON in iommu probe path

CVE-2024-35957 is a vulnerability in the Linux kernel's Intel Virtualization Technology for Directed I/O VT-d subsystem. The issue stems from an incorrect assumption that each device has a unique source ID, leading to potential conflicts and system warnings during the IOMMU probe process. This fl...