Instituto Nacional de ciberseguridad. Sección Incibe
Instituto Nacional de Ciberseguridad. Sección INCIBE-CERT

CVE-2026-46014

Gravedad CVSS v3.1:
MEDIA
Tipo:
No Disponible / Otro tipo
Fecha de publicación:
27/05/2026
Última modificación:
16/06/2026

Descripción

*** Pendiente de traducción *** In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> KVM: SVM: Add missing save/restore handling of LBR MSRs<br /> <br /> MSR_IA32_DEBUGCTLMSR and LBR MSRs are currently not enumerated by<br /> KVM_GET_MSR_INDEX_LIST, and LBR MSRs cannot be set with KVM_SET_MSRS. So<br /> save/restore is completely broken.<br /> <br /> Fix it by adding the MSRs to msrs_to_save_base, and allowing writes to<br /> LBR MSRs from userspace only (as they are read-only MSRs) if LBR<br /> virtualization is enabled. Additionally, to correctly restore L1&amp;#39;s LBRs<br /> while L2 is running, make sure the LBRs are copied from the captured<br /> VMCB01 save area in svm_copy_vmrun_state().<br /> <br /> Note, for VMX, this also fixes a flaw where MSR_IA32_DEBUGCTLMSR isn&amp;#39;t<br /> reported as an MSR to save/restore.<br /> <br /> Note #2, over-reporting MSR_IA32_LASTxxx on Intel is ok, as KVM already<br /> handles unsupported reads and writes thanks to commit b5e2fec0ebc3 ("KVM:<br /> Ignore DEBUGCTL MSRs with no effect") (kvm_do_msr_access() will morph the<br /> unsupported userspace write into a nop).<br /> <br /> [sean: guard with lbrv checks, massage changelog]

Productos y versiones vulnerables

CPE Desde Hasta
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 2.6.26 (incluyendo) 6.18.27 (excluyendo)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 6.19 (incluyendo) 7.0.4 (excluyendo)