CVE-2026-23402

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.0-rc2-eafebd2d2ab0-sink-vm #319

Description The Linux kernel contains a flaw within the KVM component related to memory management. Specifically, the issue involves an incorrect sanity check when overwriting a shadow-present SPTE (shadow page table entry) with another SPTE having a different target PFN (page frame number). This check was only applied to direct MMUs (Memory Management Units), leaving systems without shadowed gPTEs vulnerable. While KVM itself cannot overwrite a shadow-present SPTE during a guest write, external writes from host userspace are not detected by KVM's write tracking, potentially breaking KVM's shadow paging rules.

Recommendations Update to a version newer than 7.0.0-rc2-eafebd2d2ab0-sink-vm #319.