MEDIUM 5.5

CVE-2026-46295: Linux KVM Posted Interrupt Race Condition

A race condition in the Linux kernel's KVM hypervisor can cause the system to incorrectly report whether virtual CPUs have pending interrupts. When one virtual CPU sends an interrupt to another while the receiving CPU is simultaneously checking for pending interrupts, a timing gap allows the system to think an interrupt has arrived when it hasn't actually been delivered yet. While the interrupt itself isn't lost—it remains queued internally—the false reporting triggers a warning message and wastes CPU cycles with unnecessary virtual machine context switches. This affects systems running KVM hypervisor on x86 processors, particularly in nested virtualization scenarios under heavy load.

Source data · NVD / CISA · public domain

CVSS
3.1 · 5.5 MEDIUM · CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Weaknesses (CWE)
Affected products
3 configuration(s)
Published / Modified
2026-06-08 / 2026-07-08

NVD description (verbatim)

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Do IRR scan in __kvm_apic_update_irr even if PIR is empty Fall back to apic_find_highest_vector() when PID.ON is set but PIR turns out to be empty, to correctly report the highest pending interrupt from the existing IRR. In a nested VM stress test, the following WARNING fires in vmx_check_nested_events() when kvm_cpu_has_interrupt() reports a pending interrupt but the subsequent kvm_apic_has_interrupt() (which invokes vmx_sync_pir_to_irr() again) returns -1: WARNING: CPU: 99 PID: 57767 at arch/x86/kvm/vmx/nested.c:4449 vmx_check_nested_events+0x6bf/0x6e0 [kvm_intel] Call Trace: kvm_check_and_inject_events vcpu_enter_guest.constprop.0 vcpu_run kvm_arch_vcpu_ioctl_run kvm_vcpu_ioctl __x64_sys_ioctl do_syscall_64 entry_SYSCALL_64_after_hwframe The root cause is a race between vmx_sync_pir_to_irr() on the target vCPU and __vmx_deliver_posted_interrupt() on a sender vCPU. The sender performs two individually-atomic operations that are not a single transaction: 1. pi_test_and_set_pir(vector) -- sets the PIR bit 2. pi_test_and_set_on() -- sets PID.ON The following interleaving triggers the bug: Sender vCPU (IPI): Target vCPU (1st sync_pir_to_irr): B1: set PIR[vector] A1: pi_clear_on() A2: pi_harvest_pir() -> sees B1 bit A3: xchg() -> consumes bit, PIR=0 (1st sync returns correct max_irr) B2: set PID.ON = 1 Target vCPU (2nd sync_pir_to_irr): C1: pi_test_on() -> TRUE (from B2) C2: pi_clear_on() -> ON=0 C3: pi_harvest_pir() -> PIR empty C4: *max_irr = -1, early return IRR NOT SCANNED The interrupt is not lost (it resides in the IRR from the first sync and is recovered on the next vcpu_enter_guest() iteration), but the incorrect max_irr causes a spurious WARNING and a wasted L2 VM-Enter/VM-Exit cycle.

3 reference(s) · View on NVD →

SEC.co analysis · AI-assisted, reviewed against source

Technical summary

CVE-2026-46295 addresses a synchronization race in KVM's Posted Interrupt Descriptor (PID) mechanism on x86 platforms. The vulnerability arises from a non-atomic two-step sequence in __vmx_deliver_posted_interrupt(): setting a bit in the Posted Interrupt Request (PIR) register, then setting the PID.ON flag. A target vCPU executing vmx_sync_pir_to_irr() can observe PID.ON=1 after the PIR has already been harvested and cleared by an intervening sync operation, causing the second sync to return max_irr=-1 without scanning the Interrupt Request Register (IRR). The interrupt remains correctly recorded in the IRR from the prior sync cycle, but the incorrect max_irr value causes vmx_check_nested_events() to detect a mismatch: kvm_cpu_has_interrupt() reports pending while kvm_apic_has_interrupt() returns -1, triggering the WARNING. The fix ensures __kvm_apic_update_irr() always falls back to apic_find_highest_vector() to scan the IRR when PID.ON is set, even if PIR is empty, guaranteeing accurate reporting of the highest pending interrupt vector.

Business impact

Organizations running nested virtualization workloads (such as cloud providers offering VM-on-VM capabilities or container orchestration platforms with nested KVM) will experience spurious kernel warnings and unnecessary vCPU context switch overhead during stress conditions. While data integrity and security are not directly compromised, the availability impact manifests as degraded performance and log noise that obscures genuine issues. Production environments with high-density nested KVM deployments may see measurable latency inflation and diagnostic complexity. The warning spam can trigger automated alerting systems, creating operational burden for teams relying on kernel logs for health monitoring.

Affected systems

Any Linux system running the KVM hypervisor with x86 architecture is potentially affected. The vulnerability is most pronounced in nested virtualization setups—scenarios where virtual machines themselves host additional virtual machines. This includes public cloud platforms offering nested VM capabilities, on-premises hypervisor clusters supporting nested workloads, and lab/test environments using nested KVM. Systems with high vCPU counts and dense VM packing are at greatest risk of triggering the race condition. The vulnerability does not affect non-KVM systems, ARM-based KVM deployments, or single-level virtualization without nesting, though all KVM installations contain the vulnerable code path.

Exploitability

Exploiting this vulnerability requires local system access to trigger nested KVM workloads and sustained stress to reliably hit the race condition timing window. There is no remote attack vector; an attacker cannot trigger the flaw from outside the system or across a network. Proof-of-concept reproduction typically requires specialized stress testing tools targeting the Posted Interrupt mechanism under concurrent vCPU load. The race condition is probabilistic—it manifests sporadically under specific load patterns—which makes weaponization impractical for targeted attacks. No known public exploits exist, and the condition does not enable privilege escalation or data exfiltration; it causes incorrect reporting and performance degradation only.

Remediation

Patch the Linux kernel to a version containing the fix to __kvm_apic_update_irr(). The patch modifies the function to invoke apic_find_highest_vector() as a fallback whenever PID.ON is set but the PIR is empty, ensuring the IRR is always scanned for the highest pending interrupt. Verify against the vendor advisory for the specific kernel version numbers and branches affected in your distribution. After patching, no configuration changes or workarounds are required. Systems should be rebooted to load the updated kernel. If immediate patching is not feasible, disabling nested virtualization (setting kvm-intel.nested=0 or equivalent) eliminates the attack surface, though this removes support for nested VM capabilities.

Patch guidance

Consult your Linux distribution's security advisories and kernel repositories for the patched kernel version addressing CVE-2026-46295. Mainstream distributions (Red Hat, Debian, Ubuntu, SUSE, etc.) will provide backported fixes for stable kernel branches. Apply patches according to your organization's change management procedures and kernel update cadence. Test patched kernels in non-production nested KVM environments first to validate stability. Reboot systems at a maintenance window to activate the patched kernel. Verify the fix by running nested virtualization workloads and confirming the absence of vmx_check_nested_events() warnings in kernel logs.

Detection guidance

Monitor kernel logs (dmesg, journalctl) for the specific WARNING message originating from arch/x86/kvm/vmx/nested.c line 4449 in vmx_check_nested_events(), which triggers when kvm_cpu_has_interrupt() reports a pending interrupt but kvm_apic_has_interrupt() returns -1. Elevated warning frequency correlates with nested KVM stress load. No userspace artifacts or application-level indicators exist; detection is kernel-log dependent. Hypervisor monitoring tools that parse kernel warnings can be tuned to flag this specific message. Note that warning presence alone indicates the race occurred, not exploitation or compromise; the race is a kernel internal consistency issue rather than a security boundary violation. After patching, absence of this warning pattern indicates successful remediation.

Why prioritize this

While the CVSS score of 5.5 (Medium) reflects availability impact without confidentiality or integrity compromise, nested KVM environments should prioritize this patch above typical medium-severity issues because the race condition directly undermines system reliability and observability. Organizations dense-packing VMs or offering nested capabilities as a service should treat this as high-priority. The fix is low-risk and non-disruptive. Conversely, traditional single-level hypervisor deployments without nested workloads may defer patching to routine kernel update cycles. The absence of KEV inclusion reflects low external exploitability, further reducing risk for organizations focused on attack surface exposure.

Risk score, explained

The CVSS 3.1 score of 5.5 (Medium, AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H) reflects: local attack vector only (hypervisor host access required), low attack complexity (race condition is deterministic once nested KVM load is applied), low privileges (any user able to spawn nested VMs), no user interaction needed, no impact on other systems (S:U), zero confidentiality or integrity impact, and high availability impact (spurious warnings, wasted cycles). The score appropriately discounts remote attack scenarios. The lack of data compromise keeps severity at Medium despite the availability hit. Real-world impact varies: organizations relying on nested KVM operationally will experience higher actual risk than those without nested workloads.

Frequently asked questions

Does this vulnerability allow an attacker to compromise my system or steal data?

No. CVE-2026-46295 does not affect the security boundary of the hypervisor, enable privilege escalation, or expose confidential data. The vulnerability causes incorrect reporting of interrupt status and generates spurious kernel warnings. Interrupts themselves are not lost; the underlying data structures remain intact. The impact is operational (performance and log noise) rather than a security compromise.

How can I tell if this vulnerability is affecting my system?

Look for the specific WARNING message in your kernel logs: "WARNING: CPU: [N] PID: [PID] at arch/x86/kvm/vmx/nested.c:4449 vmx_check_nested_events()+..." occurring repeatedly during nested virtualization workloads. If you do not run nested KVM (VMs hosting VMs), you are unaffected regardless of kernel version. Single-level virtualization with KVM does not trigger this race.

Can I mitigate this without patching?

Yes, you can disable nested virtualization by setting the kernel parameter kvm-intel.nested=0 (Intel) or kvm-amd.nested=0 (AMD), then rebooting. This eliminates the code path that triggers the race. However, this disables all nested VM functionality. Patching is the recommended solution as it resolves the underlying race rather than disabling a feature.

Does this affect cloud providers or container platforms?

Cloud platforms offering nested VM capability (such as AWS EC2 bare-metal instances with custom KVM, OpenStack deployments with nested support, or Kubernetes with KVM runtime) are most affected. Platforms using nested KVM for testing or multi-tenant scenarios should prioritize patching. Standard single-tenant cloud VM offerings and container platforms without nested KVM are unaffected.

This analysis is provided for informational purposes. The details presented are based on the CVE record and associated technical documentation as of the publication date. Actual exploitability, impact, and patch applicability vary by individual system configuration, kernel version, and deployment context. Organizations should verify all technical claims against vendor advisories and test patches in controlled environments before production deployment. SEC.co makes no warranty regarding the completeness or accuracy of this analysis. Consult your Linux distribution's security team and KVM project documentation for authoritative guidance on this vulnerability. Source: NVD (public-domain), retrieved 2026-07-16. Analysis generated by SEC.co (claude-haiku-4-5).