CVE-2026-43133 in LinuxИнформация

Сводка

по MITRE • 06.05.2026

In the Linux kernel, the following vulnerability has been resolved:

KVM: nSVM: Always use vmcb01 in VMLOAD/VMSAVE emulation

Commit cc3ed80ae69f ("KVM: nSVM: always use vmcb01 to for vmsave/vmload of guest state") made KVM always use vmcb01 for the fields controlled by VMSAVE/VMLOAD, but it missed updating the VMLOAD/VMSAVE emulation code to always use vmcb01.

As a result, if VMSAVE/VMLOAD is executed by an L2 guest and is not intercepted by L1, KVM will mistakenly use vmcb02. Always use vmcb01 instead of the current VMCB.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Ответственный

Linux

Резервировать

01.05.2026

Раскрытие

06.05.2026

Модерация

принято

Вход

VDB-361371

CPE

готов

CWE

CWE-371 (Подтверждённый)

CVSS

8.0 (VulDB)

EPSS

0.00013

KEV

Нет

Деятельности

Очень низкий

Сектор

Industry, Hospital, ...

Источники

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-43133
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-43133
CVE Details	https://www.cvedetails.com/cve/CVE-2026-43133/

◂ Предыдущий Обзор Далее ▸

Interested in the pricing of exploits?

See the underground prices here!