PT-2026-43854 · Linux · Linux Kernel
Published 2026-05-27 · Updated 2026-06-04 · CVE-2026-45987
CVSS v3.1: 5.5 Medium
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions
Linux kernel versions prior to 7.0.11-1.1
Description
In the KVM nSVM component, the nested_sync_control_from_vmcb02() function fails to synchronize the int_state field, specifically bit 0 (SVM_INTERRUPT_SHADOW_MASK), from vmcb02 to the cached vmcb12 after a VMRUN in guest mode. This occurs because the cached vmcb12 serves as the authoritative copy for certain controls and the payload for saving or restoring nested state. If KVM_SET_VCPU_EVENTS occurs before KVM_SET_NESTED_STATE during the restore path, the interrupt shadow is restored into vmcb01 instead of vmcb02. While this may only cause interrupt delays for L1 guests, it can lead to vCPU hangs for L2 guests, such as when a wakeup interrupt is delivered before a HLT that should have been protected by an interrupt shadow.
Recommendations
Update to version 7.0.11-1.1.
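The restore ordering described above, as an added simplified C model (not kernel code and not part of the original advisory). The struct layout, the fixed flag and the helper names are assumptions for illustration; only int_state, SVM_INTERRUPT_SHADOW_MASK, vmcb01, vmcb02 and vmcb12 come from the description.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define SVM_INTERRUPT_SHADOW_MASK 1u  /* int_state bit 0, per the advisory */

/* Toy model (assumption): only the control field the advisory discusses. */
struct vmcb { uint32_t int_state; };

struct vcpu {
    struct vmcb vmcb01, vmcb02;  /* L1's VMCB and the VMCB used to run L2 */
    struct vmcb cached_vmcb12;   /* cached copy, payload of the nested state */
    bool guest_mode;             /* true while L2 is active */
};

/* Models nested_sync_control_from_vmcb02(); 'fixed' selects patched behaviour. */
static void sync_control_from_vmcb02(struct vcpu *v, bool fixed)
{
    if (fixed)
        v->cached_vmcb12.int_state = v->vmcb02.int_state;
}

/* Models KVM_SET_VCPU_EVENTS: the shadow lands in whichever VMCB is current. */
static void set_vcpu_events(struct vcpu *v, bool shadow)
{
    struct vmcb *cur = v->guest_mode ? &v->vmcb02 : &v->vmcb01;
    if (shadow)
        cur->int_state |= SVM_INTERRUPT_SHADOW_MASK;
}

/* Models KVM_SET_NESTED_STATE: vmcb02 controls are rebuilt from saved vmcb12. */
static void set_nested_state(struct vcpu *v, const struct vmcb *saved_vmcb12)
{
    v->cached_vmcb12 = *saved_vmcb12;
    v->vmcb02.int_state = v->cached_vmcb12.int_state;
    v->guest_mode = true;
}

/* Save a vCPU whose L2 is inside an interrupt shadow, then restore it with
 * events first and nested state second. Returns the restored vCPU. */
struct vcpu restore_events_first(bool fixed)
{
    struct vcpu src = { .guest_mode = true };
    src.vmcb02.int_state = SVM_INTERRUPT_SHADOW_MASK;
    sync_control_from_vmcb02(&src, fixed);

    struct vcpu dst = {0};
    set_vcpu_events(&dst, src.vmcb02.int_state & SVM_INTERRUPT_SHADOW_MASK);
    set_nested_state(&dst, &src.cached_vmcb12);
    return dst;
}

int main(void)
{
    printf("L2 shadow after restore: unpatched=%u patched=%u\n",
           restore_events_first(false).vmcb02.int_state,
           restore_events_first(true).vmcb02.int_state);
    return 0;
}
```

In the unpatched run the shadow bit ends up only in vmcb01, which is the state in which an L2 HLT is no longer protected from an early wakeup interrupt.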
Affected Products
Linux Kernel