CVE-2026-46082
Description
In the Linux kernel, the following vulnerability has been resolved:
KVM: SVM: Inject #UD for INVLPGA if EFER.SVME=0
INVLPGA should cause a #UD when EFER.SVME is not set. Add a check to properly inject #UD when EFER.SVME=0.
[sean: tag for stable@]
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A missing check in KVM's SVM handling of INVLPGA means a guest that executes the instruction with EFER.SVME cleared does not receive the #UD that the architecture requires.
Vulnerability
In the Linux kernel's KVM subsystem for AMD SVM, the INVLPGA intercept handler does not check that EFER.SVME is enabled. When EFER.SVME is 0 the instruction should raise a #UD (undefined instruction) fault, but the SVM emulation code handles the intercept without injecting the #UD, so the guest continues on a path the architecture forbids. The issue exists in versions prior to the fix commit d99df02ff427f461102230f9c5b90a6c64ee8e23 and affects all kernels in the stable tree before the backport.
Exploitation
An attacker who can execute privileged instructions inside a KVM guest (ring 0) can invoke INVLPGA while EFER.SVME is cleared. This requires control over the guest kernel or the ability to modify the guest's EFER MSR. No network position is involved; the issue is entirely guest-local.
Impact
Successful exploitation causes the host's KVM to honor an instruction that should have faulted, potentially leading to a guest crash, host instability, or an integrity violation if the guest is allowed to operate in a state the hardware specification forbids. The most likely direct consequence is a guest kernel panic or hang because the expected #UD is not delivered; the exact impact depends on how the guest OS handles the unexpected instruction flow.
Mitigation
The fix is included in commit d99df02ff427f461102230f9c5b90a6c64ee8e23 and is tagged for stable kernel backports. Users should apply the patch or update to a kernel version containing the fix (e.g., 6.8.12 or later, depending on the stable branch). No workaround exists for unpatched kernels other than changing the guest configuration so that EFER.SVME remains set, which may not be practical.
AI Insight generated on May 27, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Patches
c15392ed9e49 KVM: SVM: Inject #UD for INVLPGA if EFER.SVME=0
1 file changed · +3 −1
arch/x86/kvm/svm/svm.c+3 −1 modifieddiff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index a083f738b2367a..39081a9e98d895 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -2289,6 +2289,9 @@ static int invlpga_interception(struct kvm_vcpu *vcpu) gva_t gva = kvm_rax_read(vcpu); u32 asid = kvm_rcx_read(vcpu); + if (nested_svm_check_permissions(vcpu)) + return 1; + /* FIXME: Handle an address size prefix. */ if (!is_long_mode(vcpu)) gva = (u32)gva; -- cgit 1.3-korg
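Review bot: the added gate calls a helper named nested_svm_check_permissions(), while the subject line only promises "#UD if EFER.SVME=0"; a one-line comment above the call (e.g. `/* #UD if EFER.SVME=0 */`) would tell a reader of invlpga_interception() which condition is being enforced at this point. The early `return 1` also sits after `gva_t gva = kvm_rax_read(vcpu);` and `u32 asid = kvm_rcx_read(vcpu);`, so both values are computed and then discarded on the fault path; hoisting the check above those reads is marginally cleaner, though harmless either way. The `/* FIXME: Handle an address size prefix. */` in the trailing context is unrelated to this fix and remains open.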
3ac9d4241d20 KVM: SVM: Inject #UD for INVLPGA if EFER.SVME=0
1 file changed · +3 −1
arch/x86/kvm/svm/svm.c+3 −1 modifieddiff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index 41cc16567b3c18..6d7c74c0114c99 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -2494,6 +2494,9 @@ static int invlpga_interception(struct kvm_vcpu *vcpu) gva_t gva = kvm_rax_read(vcpu); u32 asid = kvm_rcx_read(vcpu); + if (nested_svm_check_permissions(vcpu)) + return 1; + /* FIXME: Handle an address size prefix. */ if (!is_long_mode(vcpu)) gva = (u32)gva; -- cgit 1.3-korg
643125b66ffc KVM: SVM: Inject #UD for INVLPGA if EFER.SVME=0
1 file changed · +3 −1
arch/x86/kvm/svm/svm.c+3 −1 modifieddiff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index 2f71960335c430..86d829220e80fa 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -2555,6 +2555,9 @@ static int invlpga_interception(struct kvm_vcpu *vcpu) gva_t gva = kvm_rax_read(vcpu); u32 asid = kvm_rcx_read(vcpu); + if (nested_svm_check_permissions(vcpu)) + return 1; + /* FIXME: Handle an address size prefix. */ if (!is_long_mode(vcpu)) gva = (u32)gva; -- cgit 1.3-korg
d99df02ff427 KVM: SVM: Inject #UD for INVLPGA if EFER.SVME=0
1 file changed · +3 −1
arch/x86/kvm/svm/svm.c+3 −1 modifieddiff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index d82e30c40eaa9c..543f9f3f966e39 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -2367,6 +2367,9 @@ static int invlpga_interception(struct kvm_vcpu *vcpu) gva_t gva = kvm_rax_read(vcpu); u32 asid = kvm_rcx_read(vcpu); + if (nested_svm_check_permissions(vcpu)) + return 1; + /* FIXME: Handle an address size prefix. */ if (!is_long_mode(vcpu)) gva = (u32)gva; -- cgit 1.3-korg
ee24928ecd85 KVM: SVM: Inject #UD for INVLPGA if EFER.SVME=0
1 file changed · +3 −1
arch/x86/kvm/svm/svm.c+3 −1 modifieddiff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index bc009012c0df1a..ff5639eec72902 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -2366,6 +2366,9 @@ static int invlpga_interception(struct kvm_vcpu *vcpu) gva_t gva = kvm_rax_read(vcpu); u32 asid = kvm_rcx_read(vcpu); + if (nested_svm_check_permissions(vcpu)) + return 1; + /* FIXME: Handle an address size prefix. */ if (!is_long_mode(vcpu)) gva = (u32)gva; -- cgit 1.3-korg
Vulnerability mechanics
Root cause
"Missing permission check in the INVLPGA interception handler allows the instruction to execute even when EFER.SVME is not set."
Attack vector
A guest VM running on an AMD SVM host can execute the INVLPGA instruction while EFER.SVME is 0. Because invlpga_interception() in arch/x86/kvm/svm/svm.c did not call nested_svm_check_permissions() before processing the instruction, the KVM hypervisor handled the INVLPGA instead of injecting a #UD (undefined instruction) exception back into the guest [patch_id=2659859]. An attacker with guest code execution privileges can trigger this by clearing EFER.SVME and then issuing INVLPGA, causing the hypervisor to honor the instruction rather than raise the architecturally required fault.
Affected code
The vulnerable code is in the invlpga_interception() function in arch/x86/kvm/svm/svm.c [patch_id=2659859]. The function handles the SVM INVLPGA instruction intercept but lacked a permission check before processing the instruction.
What the fix does
The patch adds a call to nested_svm_check_permissions(vcpu) at the top of invlpga_interception() in arch/x86/kvm/svm/svm.c [patch_id=2659859]. If the check fails (e.g., EFER.SVME is 0), the helper queues a #UD for the guest and the handler returns 1, so KVM resumes the guest and delivers the fault instead of performing the invalidation. This aligns KVM with the AMD architecture specification, which mandates that INVLPGA must fault when EFER.SVME is not set.
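The pre-fix and post-fix handler side by side, as an added stand-alone C model that is not KVM code: the vcpu struct, its field names and run_invlpga() are constructed for illustration, EFER_SVME and UD_VECTOR are the architectural values, and the model covers only the EFER.SVME condition described above (the real nested_svm_check_permissions() applies further checks).

```c
#include <stdbool.h>
#include <stdint.h>

#define EFER_SVME  (1ULL << 12)   /* EFER bit 12: SVM enable */
#define UD_VECTOR  6              /* #UD (undefined instruction) vector */

/* Constructed stand-in for the guest vCPU state KVM consults. */
struct vcpu {
    uint64_t efer;            /* guest EFER MSR */
    int      pending_vector;  /* exception queued for injection, -1 = none */
    int      tlb_flushes;     /* invalidations performed on the guest's behalf */
};

/* Models the gate the fix adds: #UD when EFER.SVME is clear.
 * Returns 1 when a fault was queued and the handler must stop. */
static int check_svm_permissions(struct vcpu *v)
{
    if (!(v->efer & EFER_SVME)) {
        v->pending_vector = UD_VECTOR;   /* stands in for kvm_queue_exception() */
        return 1;
    }
    return 0;
}

/* Pre-fix behaviour: the intercept is honoured unconditionally. */
static int invlpga_vulnerable(struct vcpu *v)
{
    v->tlb_flushes++;                    /* stands in for the real invalidation */
    return 1;                            /* 1 = resume the guest */
}

/* Post-fix behaviour: fault first, invalidate only when permitted. */
static int invlpga_fixed(struct vcpu *v)
{
    if (check_svm_permissions(v))
        return 1;                        /* resume guest; the queued #UD is delivered on entry */
    v->tlb_flushes++;
    return 1;
}

/* Runs one INVLPGA intercept on a fresh vCPU with the given EFER and
 * returns the resulting vCPU state so both handlers can be compared. */
static struct vcpu run_invlpga(bool with_fix, uint64_t efer)
{
    struct vcpu v = { .efer = efer, .pending_vector = -1, .tlb_flushes = 0 };
    if (with_fix)
        invlpga_fixed(&v);
    else
        invlpga_vulnerable(&v);
    return v;
}
```

With EFER.SVME clear the vulnerable handler flushes and queues nothing, while the fixed handler queues #UD and performs no invalidation; with EFER.SVME set both behave identically.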
Preconditions
- config: Guest must be running on an AMD SVM-capable host with KVM
- config: Guest must have EFER.SVME cleared (set to 0)
- input: Attacker must have the ability to execute the INVLPGA instruction within the guest
Generated on May 27, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
- git.kernel.org/stable/c/3ac9d4241d205f5d0df06358349ca718ebb0fa12 (nvd)
- git.kernel.org/stable/c/643125b66ffc1147c66616b749475ba9efb15971 (nvd)
- git.kernel.org/stable/c/c15392ed9e49c1a16b4d3a3ccf1b3bf2318a6c28 (nvd)
- git.kernel.org/stable/c/d99df02ff427f461102230f9c5b90a6c64ee8e23 (nvd)
- git.kernel.org/stable/c/ee24928ecd85db4b68ed111e91fef36af0ca37b0 (nvd)