CVE-2026-46059
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
27/05/2026
Last modified:
16/06/2026
Description
In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
KVM: nSVM: Always use NextRIP as vmcb02&#39;s NextRIP after first L2 VMRUN<br />
<br />
For guests with NRIPS disabled, L1 does not provide NextRIP when running<br />
an L2 with an injected soft interrupt, instead it advances the current RIP<br />
before running it. KVM uses the current RIP as the NextRIP in vmcb02 to<br />
emulate a CPU without NRIPS.<br />
<br />
However, after L2 runs the first time, NextRIP will be updated by the CPU<br />
and/or KVM, and the current RIP is no longer the correct value to use in<br />
vmcb02. Hence, after save/restore, use the current RIP if and only if a<br />
nested run is pending, otherwise use NextRIP. Give soft_int_next_rip the<br />
same treatment, as it&#39;s the same logic, just for a narrower use case.<br />
<br />
[sean: give soft_int_next_rip the same treatment]
Impact
Base Score 3.x
5.50
Severity 3.x
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.8 (including) | 6.18.27 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.19 (including) | 7.0.4 (excluding) |
To consult the complete list of CPE names with products and versions, see this page



