{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2026-46131","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2026-05-13T15:03:33.099Z","datePublished":"2026-05-28T09:35:46.220Z","dateUpdated":"2026-06-14T17:56:46.141Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2026-06-14T17:56:46.141Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: x86: check for nEPT/nNPT in slow flush hypercalls\n\nChecking is_guest_mode(vcpu) is incorrect, because translate_nested_gpa()\nis only valid if an L2 guest is running *with nested EPT/NPT enabled*.\nInstead use the same condition as translate_nested_gpa() itself."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["arch/x86/kvm/hyperv.c"],"versions":[{"version":"aee738236dca0d0870789138ec494e15d6303566","lessThan":"971f17f5d91045404e3914029ea57c3da90179a4","status":"affected","versionType":"git"},{"version":"aee738236dca0d0870789138ec494e15d6303566","lessThan":"45fc766bc756ff1d66f8ca026a9c4f7f764adfae","status":"affected","versionType":"git"},{"version":"aee738236dca0d0870789138ec494e15d6303566","lessThan":"d6f4e217d663ede5becc2fd6cb612c749677387b","status":"affected","versionType":"git"},{"version":"aee738236dca0d0870789138ec494e15d6303566","lessThan":"4c7f8436b19a2a3acc0cb6b6e3becd6796ae5c57","status":"affected","versionType":"git"},{"version":"aee738236dca0d0870789138ec494e15d6303566","lessThan":"464af6fc2b1dcc74005b7f58ee3812b17777efee","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["arch/x86/kvm/hyperv.c"],"versions":[{"version":"6.2","status":"affected"},{"version":"0","lessThan":"6.2","status":"unaffected","versionType":"semver"},{"version":"6.6.140","lessThanOrEqual":"6.6.*","status":"unaffected","versionType":"semver"},{"version":"6.12.88","lessThanOrEqual":"6.12.*","status":"unaffected","versionType":"semver"},{"version":"6.18.30","lessThanOrEqual":"6.18.*","status":"unaffected","versionType":"semver"},{"version":"7.0.7","lessThanOrEqual":"7.0.*","status":"unaffected","versionType":"semver"},{"version":"7.1","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.6.140"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.12.88"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.18.30"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"7.0.7"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"7.1"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/971f17f5d91045404e3914029ea57c3da90179a4"},{"url":"https://git.kernel.org/stable/c/45fc766bc756ff1d66f8ca026a9c4f7f764adfae"},{"url":"https://git.kernel.org/stable/c/d6f4e217d663ede5becc2fd6cb612c749677387b"},{"url":"https://git.kernel.org/stable/c/4c7f8436b19a2a3acc0cb6b6e3becd6796ae5c57"},{"url":"https://git.kernel.org/stable/c/464af6fc2b1dcc74005b7f58ee3812b17777efee"}],"title":"KVM: x86: check for nEPT/nNPT in slow flush hypercalls","x_generator":{"engine":"bippy-1.2.0"}}}}