6 matches found
CVE-2026-63938
The CVE-2026-63938 affects the Linux kernel KVM SEV handling of Page State Change (PSC) requests. The issue arises from not consistently validating the PSC buffer against the effective size of the GHCB scratch area; if the guest provides a pointer not aligned to the start of the GHCB shared buffe...
CVE-2026-53360
The CVE-2026-53360 entry concerns a Linux kernel KVM/SEV issue: if GHCB v2+ is used, in-GHCB scratch area must reside in the shared buffer. The root cause is a bounds check flaw in snp_begin_psc() where idx_end is validated against VMGEXIT_PSC_MAX_COUNT (253) but not against the actual buffer siz...
CVE-2026-53360 KVM: SEV: Require in-GHCB scratch area if GHCB v2+ is in use
In the Linux kernel, the following vulnerability has been resolved: KVM: SEV: Require in-GHCB scratch area if GHCB v2+ is in use As per the GHCB spec, when using GHCB v2+ require the software scratch area to reside in the GHCB's shared buffer. Note, things like Page State Change PSC requests rely...
PT-2026-55698
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the KVM SEV implementation where the software scratch area is not required to reside in the GHCB shared buffer when GHCB v2+ is used. This allows a malicious SNP guest...
CVE-2025-38560
CVE-2025-38560 relates to the Linux kernel x86/sev SNP memory validation. The vulnerability requires a cache-line eviction mitigation when memory is validated after changing a page state to private. The documented mitigation is to touch the first and last byte of each 4K page being validated. If ...
CVE-2023-52659 x86/mm: Ensure input to pfn_to_kaddr() is treated as a 64-bit type
In the Linux kernel, the following vulnerability has been resolved: x86/mm: Ensure input to pfntokaddr is treated as a 64-bit type On 64-bit platforms, the pfntokaddr macro requires that the input value is 64 bits in order to ensure that valid address bits don't get lost when shifting that input ...