What is GHSA-rgj9-vx7j-x86j?

GHSA-rgj9-vx7j-x86j is a security advisory published by GitHub Security Advisories with unknown severity. In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Triple fault if...

Which CVE IDs does GHSA-rgj9-vx7j-x86j cover?

GHSA-rgj9-vx7j-x86j covers the following CVE IDs: CVE-2026-46032. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

GHSA-rgj9-vx7j-x86junknown

In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Triple fault if...

Vendor

GitHub Security Advisories

Published

May 27, 2026

Last Modified

May 27, 2026

🔗 CVE IDs covered (1)

CVE-2026-46032 →

📋 Description

In the Linux kernel, the following vulnerability has been resolved:

KVM: nSVM: Triple fault if restore host CR3 fails on nested #VMEXIT

If loading L1's CR3 fails on a nested #VMEXIT, nested_svm_vmexit() returns an error code that is ignored by most callers, and continues to run L1 with corrupted state. A sane recovery is not possible in this case, and HW behavior is to cause a shutdown. Inject a triple fault instead, and do not return early from nested_svm_vmexit(). Continue cleaning up the vCPU state (e.g. clear pending exceptions), to handle the failure as gracefully as possible.

From the APM:

Upon #VMEXIT, the processor performs the following actions in order to return to the host execution context:

...

if (illegal host state loaded, or exception while loading host state) shutdown else execute first host instruction following the VMRUN

Remove the return value of nested_svm_vmexit(), which is mostly unchecked anyway.

🔗 CVE IDs covered (1)

📋 Description

🔗 References (4)