SB2026050980 - Improper Check or Handling of Exceptional Conditions in Linux kernel kvm svm
Published: May 9, 2026
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 vulnerability.
1) Improper Check or Handling of Exceptional Conditions (CVE-ID: CVE-2026-43315)
CWE-ID: CWE-703 - Improper Check or Handling of Exceptional Conditions
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a local user to cause a denial of service.
The vulnerability exists due to improper handling of a user-triggerable warning in nested_svm_load_cr3() and svm_set_nested_state() in KVM nSVM when restoring nested vCPU state after modifying CPUID and CR3 values from userspace. A local user can supply an illegal combination of nested state, CPUID, and CR3 values to trigger a kernel warning and cause a denial of service.
The issue is reachable through the KVM userspace ABI during nested virtualization state restoration.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/155ec243ef726f4bc49536fa0bfb565dc011ab17
- https://git.kernel.org/stable/c/580ea57840864d40e019bc13fd26afdc8d510a2f
- https://git.kernel.org/stable/c/969e5e13ff5c18603f21d1f9f64ec9194e141ac0
- https://git.kernel.org/stable/c/ce904c8a5bbe697eae0f7e34b07095bd7a6dee19
- https://git.kernel.org/stable/c/deb8f6dfd31d94b18dbeeaa8c01fbec5fc70fd2b
- https://git.kernel.org/stable/c/ebb2ab4f1c87d6b52776292cf7dc16aea48e95f8
- https://git.kernel.org/stable/c/fc3ba56385d03501eb582e4b86691ba378e556f9