CVE-2026-31591

EUVD-2026-25484

24.04.2026, 15:16

In the Linux kernel, the following vulnerability has been resolved:

KVM: SEV: Lock all vCPUs when synchronzing VMSAs for SNP launch finish

Lock all vCPUs when synchronizing and encrypting VMSAs for SNP guests, as
allowing userspace to manipulate and/or run a vCPU while its state is being
synchronized would at best corrupt vCPU state, and at worst crash the host
kernel.

Opportunistically assert that vcpu->mutex is held when synchronizing its
VMSA (the SEV-ES path already locks vCPUs).

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	UNKNOWN				---

Awaiting analysis

This vulnerability is currently awaiting analysis.

Base Score

CVSS 3.x

EPSS Score

Percentile: Unknown

References

https://git.kernel.org/stable/c/30fd9d8c82087742168db779929d8be0459b0716

https://git.kernel.org/stable/c/4df77742e8b9a6b935bdf46f02fd0aca4d4ee7f5

https://git.kernel.org/stable/c/c87938fc7d99a06a7e5477c45b4e5a4148f85d66