Skip to main content

Linux Kernel EUVDEUVD-2026-32465

| CVE-2026-46082 MEDIUM
2026-05-27 416baaa9-dc9f-4396-8d5f-8c081fb06d67 GHSA-rm7q-mppc-gxx3
5.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
5.5 MEDIUM
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
vuln.today AI
5.5 MEDIUM

Local attack vector requires guest code execution on AMD KVM; low privilege suffices; no confidentiality or integrity impact, only availability.

3.1 AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
4.0 AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
SUSE
MEDIUM
qualitative
Red Hat
5.5 MEDIUM
qualitative

Primary rating from NVD.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

5
Analysis Generated
Jun 24, 2026 - 17:28 vuln.today
CVSS changed
Jun 24, 2026 - 17:22 NVD
5.5 (MEDIUM)
Patch available
May 27, 2026 - 19:46 EUVD
CVE Published
May 27, 2026 - 14:17 nvd
MEDIUM 5.5
CVE Published
May 27, 2026 - 14:17 nvd
UNKNOWN (no severity yet)

DescriptionNVD

In the Linux kernel, the following vulnerability has been resolved:

KVM: SVM: Inject #UD for INVLPGA if EFER.SVME=0

INVLPGA should cause a #UD when EFER.SVME is not set. Add a check to properly inject #UD when EFER.SVME=0.

[sean: tag for stable@]

AnalysisAI

KVM SVM subsystem in the Linux Kernel incorrectly handles the INVLPGA instruction when EFER.SVME=0, failing to inject the required #UD (Undefined Opcode) exception into the guest VM. Systems running AMD hardware virtualization (AMD-V/SVM) under KVM are affected from kernel 2.6.32 through multiple stable branches, with the flaw enabling a low-privileged guest user to trigger a high-severity availability impact. No public exploit exists and EPSS stands at 0.02% (5th percentile), indicating very low current exploitation probability; however, the kernel maintainers tagged this for stable backports across six separate stable branches, reflecting broad deployment surface.

Technical ContextAI

This vulnerability resides in the KVM (Kernel-based Virtual Machine) subsystem's SVM (Secure Virtual Machine) handler, which implements AMD-V hardware virtualization support. EFER (Extended Feature Enable Register) is an AMD MSR where the SVME bit (bit 12) controls whether SVM instructions are valid. INVLPGA is an AMD-specific privileged instruction used to invalidate a guest TLB entry; per AMD architecture specification, it must raise a #UD (invalid opcode) exception when EFER.SVME=0, signaling that SVM is not active. The KVM SVM emulation layer omitted this check, meaning a guest executing INVLPGA with EFER.SVME cleared would not receive the architecturally required exception injection. The affected product per CPE is cpe:2.3:o:linux:linux_kernel:* across multiple version ranges. No CWE is formally assigned, but the root cause class aligns with CWE-754 (Improper Check for Unusual or Exceptional Conditions) - a missing architectural pre-condition validation.

RemediationAI

Upstream fix available via multiple stable kernel commits; released patched versions confirmed per EUVD data. Apply the appropriate patched kernel version for your stable branch: upgrade to Linux 6.6.140 or later for the 6.6.x branch (commit 643125b66ffc at https://git.kernel.org/stable/c/643125b66ffc1147c66616b749475ba9efb15971), Linux 6.12.86 or later for the 6.12.x branch (commit c15392ed9e49 at https://git.kernel.org/stable/c/c15392ed9e49c1a16b4d3a3ccf1b3bf2318a6c28), Linux 6.18.27 or later for the 6.18.x branch (commit d99df02ff427 at https://git.kernel.org/stable/c/d99df02ff427f461102230f9c5b90a6c64ee8e23), and Linux 7.0.4 or later for the 7.0.x branch (commit 3ac9d4241d20 at https://git.kernel.org/stable/c/3ac9d4241d205f5d0df06358349ca718ebb0fa12). If immediate patching is not feasible, a compensating control is to disable AMD-V/SVM passthrough for untrusted VM guests, preventing guest-level INVLPGA execution entirely; however, this disables nested virtualization functionality and may impact workloads relying on it. Distribution vendors (RHEL, Ubuntu, SUSE, Debian) should be consulted for packaged kernel updates incorporating these stable commits.

Vendor StatusVendor

SUSE

Severity: Moderate
Product Status
openSUSE Tumbleweed Fixed
SUSE Linux Enterprise Desktop 15 SP7 Affected
SUSE Linux Enterprise Desktop 15 SP7 Affected
SUSE Linux Enterprise High Availability Extension 15 SP7 Affected
SUSE Linux Enterprise High Availability Extension 15 SP7 Affected

Share

EUVD-2026-32465 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy