HIGH 8.8

CVE-2026-46113

A use-after-free vulnerability exists in the Linux kernel's KVM (Kernel Virtual Machine) shadow page table management. The issue arises when guest page tables are modified between VM entries, causing KVM to track memory references incorrectly. This can lead to the kernel accessing freed memory structures, potentially allowing a local attacker with guest access to crash the system or execute code with elevated privileges. The vulnerability requires local access and affects systems running KVM with shadow paging enabled.

Source data · NVD / CISA · public domain

CVSS
3.1 · 8.8 HIGH · CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Weaknesses (CWE)
CWE-416
Affected products
3 configuration(s)
Published / Modified
2026-05-28 / 2026-06-24

NVD description (verbatim)

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Fix shadow paging use-after-free due to unexpected GFN The shadow MMU computes GFNs for direct shadow pages using sp->gfn plus the SPTE index. This assumption breaks for shadow paging if the guest page tables are modified between VM entries (similar to commit aad885e77496, "KVM: x86/mmu: Drop/zap existing present SPTE even when creating an MMIO SPTE", 2026-03-27). The flow is as follows: - a PDE is installed for a 2MB mapping, and a page in that area is accessed. KVM creates a kvm_mmu_page consisting of 512 4KB pages; the kvm_mmu_page is marked by FNAME(fetch) as direct-mapped because the guest's mapping is a huge page (and thus contiguous). - the PDE mapping is changed from outside the guest. - the guest accesses another page in the same 2MB area. KVM installs a new leaf SPTE and rmap entry; the SPTE uses the "correct" GFN (i.e. based on the new mapping, as changed in the previous step) but that GFN is outside of the [sp->gfn, sp->gfn + 511] range; therefore the rmap entry cannot be found and removed when the kvm_mmu_page is zapped. - the memslot that covers the first 2MB mapping is deleted, and the kvm_mmu_page for the now-invalid GPA is zapped. However, rmap_remove() only looks at the [sp->gfn, sp->gfn + 511] range established in step 1, and fails to find the rmap entry that was recorded by step 3. - any operation that causes an rmap walk for the same page accessed by step 3 then walks a stale rmap and dereferences a freed kvm_mmu_page. This includes dirty logging or MMU notifier invalidations (e.g., from MADV_DONTNEED). The underlying issue is that KVM's walking of shadow PTEs assumes that if a SPTE is present when KVM wants to install a non-leaf SPTE, then the existing kvm_mmu_page must be for the correct gfn. Because the only way for the gfn to be wrong is if KVM messed up and failed to zap a SPTE... which shouldn't happen, but *actually* only happens in response to a guest write. That bug dates back literally forever, as even the first version of KVM assumes that the GFN matches and walks into the "wrong" shadow page. However, that was only an imprecision until 2032a93d66fa ("KVM: MMU: Don't allocate gfns page for direct mmu pages") came along. Fix it by checking for a target gfn mismatch and zapping the existing SPTE. That way the old SP and rmap entries are gone, KVM installs the rmap in the right location, and everyone is happy.

6 reference(s) · View on NVD →

SEC.co analysis · AI-assisted, reviewed against source

Technical summary

CVE-2026-46113 is a use-after-free (CWE-416) vulnerability in KVM's shadow MMU implementation. The root cause is an assumption that guest frame numbers (GFNs) for shadow pages remain constant based on sp->gfn plus SPTE index offsets. When guest page tables are modified between VM entries—specifically when a 2MB PDE mapping changes—KVM may create SPTEs with GFNs outside the expected [sp->gfn, sp->gfn + 511] range. When the original memslot is deleted and rmap_remove() attempts cleanup, it fails to locate rmap entries recorded under the new GFN, leaving stale pointers. Subsequent rmap walks during operations like dirty logging or MMU notifier invalidations dereference the freed kvm_mmu_page structure. The fix involves checking for target GFN mismatches during SPTE installation and proactively zapping existing SPTEs when a mismatch is detected, ensuring rmap entries are recorded in the correct location.

Business impact

For virtualization infrastructure operators, this vulnerability poses a significant availability and integrity risk. A guest user can trigger a kernel use-after-free that crashes the host or potentially executes code in the hypervisor context, compromising isolation between guest VMs and the host. Cloud providers, hosting platforms, and enterprises running multi-tenant KVM deployments must prioritize patching to prevent guest-to-host escape scenarios and ensure host stability. The attack requires only local guest access, making it exploitable by unprivileged tenant processes.

Affected systems

The Linux kernel is affected across multiple distributions and versions that include KVM with shadow paging. Shadow paging is commonly enabled for older hardware or when EPT/NPT (hardware-assisted page tables) are unavailable or explicitly disabled. Any Linux system running a vulnerable kernel version with KVM shadow MMU in use is at risk. Verify your kernel version against the vendor advisory and check if shadow paging is active in your environment.

Exploitability

Exploitability is moderate to high. The vulnerability requires local access to a guest VM, meaning an unprivileged guest user or process can trigger the race condition by inducing guest page table modifications between VM entries. No special privileges within the guest are needed. However, reliable exploitation may require timing control to force the specific sequence of page table modifications and memory accesses. The attack surface is broad because many KVM deployments still use shadow paging, particularly on systems without hardware MMU support.

Remediation

Apply the upstream Linux kernel patch that adds GFN mismatch detection in the shadow MMU's SPTE installation path. The patch checks whether the target GFN for a new leaf SPTE falls outside the expected range for the existing shadow page; if so, it zaps the stale SPTE before installing the new one. Consult your Linux distribution's kernel advisories and security update channels for patched kernel versions. Test patches in non-production environments first, particularly if shadow paging is critical to your workload.

Patch guidance

Monitor your distribution's kernel security advisories for published CVE-2026-46113 patches. Verify patch availability through your vendor's advisory pages (Red Hat, Canonical, SUSE, etc.). Once available, plan kernel updates on a schedule that balances security urgency with system downtime tolerance; KVM updates typically require VM migration or restart. For large deployments, stage updates to non-critical systems first to validate compatibility. Confirm that patched kernels are compiled with KVM shadow MMU support enabled and that your VMs are using shadow paging if applicable.

Detection guidance

Monitor for kernel page faults and use-after-free errors in syslog and kernel error logs that coincide with VM memory operations or guest page table modifications. Systems may exhibit symptoms including unexpected VM crashes, kernel panics mentioning kvm_mmu_page or rmap structures, or general instability under concurrent guest workloads. Kernel address sanitizer (KASAN) or similar debugging tools can help detect use-after-free if enabled in testing environments. Host-based intrusion detection may flag unusual guest-to-host memory access patterns, though this is difficult to detect reliably in production without custom instrumentation.

Why prioritize this

This vulnerability merits urgent prioritization due to its high CVSS score (8.8), local attack vector, and potential for guest-to-host privilege escalation. The use-after-free nature makes it a critical stability and security concern for virtualization platforms. Although the attack requires local guest access, the broad deployment of KVM and shadow paging in cloud and enterprise environments means many systems are likely vulnerable. Patching should be scheduled as soon as vendor patches are available.

Risk score, explained

The CVSS 3.1 score of 8.8 (HIGH) reflects a local attack vector (AV:L) with low attack complexity (AC:L), no special privileges required (PR:L), and no user interaction needed (UI:N). The impact is severe: confidentiality, integrity, and availability are all compromised (C:H/I:H/A:H) with a scope change (S:C) allowing escape from the guest VM context. The score appropriately captures the threat of host compromise through a guest-initiated use-after-free.

Frequently asked questions

Does this vulnerability affect my system if I'm not running KVM?

No. This vulnerability is specific to the Linux kernel's KVM implementation. Systems using other hypervisors (Xen, Hyper-V, VMware) or not running virtualization are not affected. Even on Linux, non-KVM deployments are safe.

Can a guest user reliably exploit this, or is it a theoretical race condition?

While the vulnerability does involve a race condition (guest page table modifications between VM entries), the underlying issue is a logic flaw in how KVM tracks GFNs for shadow pages. Dedicated attackers with guest access can increase the likelihood of triggering the race through page table manipulation; however, exploitation reliability depends on timing and system load. It should be treated as practically exploitable, not merely theoretical.

What is the difference between shadow paging and hardware-assisted paging, and which is vulnerable?

Shadow paging is a software-based memory management technique used when hardware MMU support (EPT on Intel, NPT on AMD) is unavailable or disabled. This vulnerability affects shadow paging only. Systems using hardware-assisted paging with nested page tables are not affected by this specific flaw. Check your hypervisor configuration to determine which mode you use.

If I patch my kernel, do I need to restart all VMs?

Yes, kernel updates typically require a reboot of the host system, which will trigger VM shutdown and restart (or migration if configured). Plan for downtime or use live migration to minimize disruption. After the host reboots with the patched kernel, VMs will resume on the updated system.

This analysis is provided for informational purposes to assist security professionals in understanding and remediating CVE-2026-46113. The information herein is based on the published vulnerability description and CVSS assessment; however, real-world impact may vary based on system configuration, kernel version, and deployment architecture. Readers should verify all patch versions, availability timelines, and compatibility requirements against official vendor advisories before implementing updates. SEC.co does not provide exploit code or weaponization guidance. Organizations should conduct their own risk assessment and testing in non-production environments before deploying patches to production systems. Source: NVD (public-domain), retrieved 2026-07-07. Analysis generated by SEC.co (claude-haiku-4-5).

Affected vendors

Weaknesses (CWE)

Related vulnerabilities

  • CVE-2026-10001HIGH

    CVE-2026-10001: Chrome Sandbox Escape via PerformanceManager Use-After-Free

  • CVE-2026-10002HIGH

    CVE-2026-10002: Google Chrome PDFium Use-After-Free Vulnerability (CVSS 8.8)

  • CVE-2026-10003HIGH

    CVE-2026-10003: Chrome Use-After-Free Code Execution Vulnerability Analysis

  • CVE-2026-10007HIGH

    CVE-2026-10007: Chrome Use-After-Free in SVG Arbitrary Code Execution (CVSS 8.8)

  • CVE-2026-10012HIGH

    CVE-2026-10012: Chrome Skia Use-After-Free Sandbox Escape (v148.0.7778.216)

  • CVE-2026-10013HIGH

    CVE-2026-10013: Use-After-Free in Chrome WebCodecs – Patch Guide & Risk Assessment

  • CVE-2026-10016HIGH

    CVE-2026-10016: Use-After-Free in Chrome DOM – Sandbox Code Execution Vulnerability

  • CVE-2026-10882HIGH

    CVE-2026-10882: Critical Chrome Use-After-Free RCE Vulnerability – Exploit Details & Patch Guidance