CVE-2026-46059

CVE-2026-46059 (Linux kernel, KVM nSVM) : The issue concerns how NextRIP is chosen for vmcb02 after an L2 VMRUN when NRIPS is disabled. Affected code uses the current RIP as NextRIP to emulate a CPU without NRIPS, but after the first L2 run NextRIP can be updated by the CPU/KVM, making the curren...

PT-2026-43926

In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Always use NextRIP as vmcb02's NextRIP after first L2 VMRUN For guests with NRIPS disabled, L1 does not provide NextRIP when running an L2 with an injected soft interrupt, instead it advances the current RIP before...

Medium: qemu

Issue Overview: A bug in QEMU could cause a guest I/O operation otherwise addressed to an arbitrary disk offset to be targeted to offset 0 instead potentially overwriting the VM's boot code. This could be used, for example, by L2 guests with a virtual disk vdiskL2 stored on a virtual disk of an L...

kernel: SVM nested virtualization issue in KVM (AVIC support)

A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB virtual machine control block provided by the L1 guest to spawn/handle a nested guest L2. Due to improper validation of the "intctl" field, this issue could allow a malicious ...