Xiaoyao Li

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 6.6.65 **Description** The issue concerns the KVM implementation in the Linux kernel, specifically with Intel PT virtualization in guest/host mode. There are multiple bugs in the implementation, some of which can be fatal to the guest and others that put the stability and health of the host at risk. The most significant problem is that KVM fails to ensure tracing is disabled before VM-Enter, which is necessary for hardware to load the guest's RTIT CTL. Additionally, KVM does not validate the guest CPUID configuration provided by userspace and uses this configuration to decide what MSRs to save/load at VM-Enter and VM-Exit. This can lead to KVM trying to passthrough, save, and load non-existent MSRs, resulting in various warnings and potential deadlocks. **Recommendations** To resolve the issue, update the Linux kernel to version 6.6.65 or later. As a temporary workaround, consider disabling the Intel PT virtualization in guest/host mode until a patch is available. Restrict access to the KVM module to minimize the risk of exploitation. Avoid configuring guest CPUID to enumerate more address ranges than are supported in hardware until the issue is resolved.