SB2026040161 - Improper input validation in Linux kernel KVM MMU

Published: April 1, 2026

Security Bulletin ID: SB2026040161
Severity: Low
Patch available: Yes
Number of vulnerabilities: 1
Exploitation vector: Local access
Highest impact: Denial of service

Breakdown by Severity

Low: 100%

Description

This security bulletin contains information about 1 security vulnerability.


1) Improper input validation in KVM x86 MMU (CVE-ID: CVE-2026-23402)

The vulnerability allows a local user to cause a denial of service.

The vulnerability exists due to improper input validation in KVM's x86 MMU when it handles page table entry (SPTE) updates that originate from host userspace. A local user on the host can trigger a kernel warning condition that leads to a system crash (a WARN escalates to a kernel panic on hosts that set panic_on_warn), causing a denial of service for the host and for every guest it runs.

Exploitation requires access to host userspace, not merely to a guest, and affects virtualized hosts running KVM with EPT (Intel two-dimensional paging). The issue arises when SPTEs are modified outside KVM's write-tracking scope.
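The following triage helper is an added example, not part of this bulletin and not kernel or KVM project code. It reports whether a host falls into the population the bulletin describes (kvm_intel loaded with EPT enabled) and whether a kernel WARN on that host would escalate to a panic. It reads two real interfaces, the kvm_intel `ept` module parameter under /sys/module and the `panic_on_warn` sysctl under /proc/sys; both paths are parameters so the function can be pointed at constructed files. The classification labels (`not-loaded`, `ept-off`, `ept-on`, `ept-on-panic`) are this example's own naming. AMD hosts (kvm_amd/NPT) are not checked because the bulletin scopes the issue to EPT.

```shell
#!/bin/sh
# Added triage helper (not from the bulletin): classifies a host's exposure to
# the KVM x86 MMU warning described above. Defaults point at the real sysfs and
# procfs files; the arguments exist so the logic can be exercised on
# constructed files.

# read_flag FILE: print the first line of FILE with whitespace stripped, or
# "absent" when the file is missing or unreadable (e.g. kvm_intel not loaded).
read_flag() {
    if [ -r "$1" ]; then
        head -n 1 "$1" | tr -d '[:space:]'
    else
        printf 'absent'
    fi
}

# kvm_ept_exposure [EPT_PARAM_FILE] [PANIC_ON_WARN_FILE]
# Prints exactly one of (labels are this example's own):
#   not-loaded    no ept parameter: kvm_intel is not loaded, bulletin does not apply
#   ept-off       kvm_intel loaded with ept disabled (shadow paging): out of scope
#   ept-on        kvm_intel with EPT, panic_on_warn=0: in scope, WARN is survivable
#   ept-on-panic  kvm_intel with EPT, panic_on_warn=1: in scope, WARN crashes the host
# The kvm_intel ept parameter is a bool, so sysfs shows it as Y or N.
kvm_ept_exposure() {
    ept=$(read_flag "${1:-/sys/module/kvm_intel/parameters/ept}")
    pow=$(read_flag "${2:-/proc/sys/kernel/panic_on_warn}")
    case "$ept" in
        absent)
            printf 'not-loaded' ;;
        0|N|n)
            printf 'ept-off' ;;
        *)
            if [ "$pow" = "1" ]; then
                printf 'ept-on-panic'
            else
                printf 'ept-on'
            fi ;;
    esac
}

# Stand-alone use: `sh this_script.sh --run` reports on the running host.
if [ "${1:-}" = "--run" ]; then
    printf 'kvm ept exposure: %s\n' "$(kvm_ept_exposure)"
fi
```

A result of `ept-on-panic` is the configuration in which the bulletin's "system crash" outcome is reachable by a local host user; `ept-on` hosts still log the warning and should still be patched, but a single WARN does not take the host down. The check says nothing about whether the fix is installed; compare the running kernel version against the vendor's patched version for that.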


Remediation

Install the update from the vendor's website.