CVE-2026-31591 - Vulnerability Details - OpenCVE

In the Linux kernel, the following vulnerability has been resolved: KVM: SEV: Lock all vCPUs when synchronzing VMSAs for SNP launch finish Lock all vCPUs when synchronizing and encrypting VMSAs for SNP guests, as allowing userspace to manipulate and/or run a vCPU while its state is being synchronized would at best corrupt vCPU state, and at worst crash the host kernel. Opportunistically assert that vcpu->mutex is held when synchronizing its VMSA (the SEV-ES path already locks vCPUs).

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

Vendors	Products
Linux	Linux Kernel

No data.

No data.

No data.

References

Link	Providers
https://git.kernel.org/stable/c/30fd9d8c82087742168db779929d8be0459b0716
https://git.kernel.org/stable/c/4df77742e8b9a6b935bdf46f02fd0aca4d4ee7f5
https://git.kernel.org/stable/c/c87938fc7d99a06a7e5477c45b4e5a4148f85d66

History

Fri, 24 Apr 2026 15:00:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: KVM: SEV: Lock all vCPUs when synchronzing VMSAs for SNP launch finish Lock all vCPUs when synchronizing and encrypting VMSAs for SNP guests, as allowing userspace to manipulate and/or run a vCPU while its state is being synchronized would at best corrupt vCPU state, and at worst crash the host kernel. Opportunistically assert that vcpu->mutex is held when synchronizing its VMSA (the SEV-ES path already locks vCPUs).
Title		KVM: SEV: Lock all vCPUs when synchronzing VMSAs for SNP launch finish
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel
References		https://git.kernel.org/stable/c/30fd9d8c82087742168db779929d8be0459b0716 https://git.kernel.org/stable/c/4df77742e8b9a6b935bdf46f02fd0aca4d4ee7f5 https://git.kernel.org/stable/c/c87938fc7d99a06a7e5477c45b4e5a4148f85d66

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2026-04-24T14:42:18.276Z

Updated: 2026-04-24T14:42:18.276Z

Reserved: 2026-03-09T15:48:24.120Z

Link: CVE-2026-31591

Vulnrichment

No data.

NVD

Status : Awaiting Analysis

Published: 2026-04-24T15:16:36.480

Modified: 2026-04-24T17:51:40.810

Link: CVE-2026-31591

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-31591", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2026-03-09T15:48:24.120Z", "datePublished": "2026-04-24T14:42:18.276Z", "dateUpdated": "2026-04-24T14:42:18.276Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-04-24T14:42:18.276Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: SEV: Lock all vCPUs when synchronzing VMSAs for SNP launch finish\n\nLock all vCPUs when synchronizing and encrypting VMSAs for SNP guests, as\nallowing userspace to manipulate and/or run a vCPU while its state is being\nsynchronized would at best corrupt vCPU state, and at worst crash the host\nkernel.\n\nOpportunistically assert that vcpu->mutex is held when synchronizing its\nVMSA (the SEV-ES path already locks vCPUs)."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["arch/x86/kvm/svm/sev.c"], "versions": [{"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "30fd9d8c82087742168db779929d8be0459b0716", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "4df77742e8b9a6b935bdf46f02fd0aca4d4ee7f5", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "c87938fc7d99a06a7e5477c45b4e5a4148f85d66", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["arch/x86/kvm/svm/sev.c"], "versions": [{"version": "6.18.24", "lessThanOrEqual": "6.18.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.19.14", "lessThanOrEqual": "6.19.*", "status": "unaffected", "versionType": "semver"}, {"version": "7.0.1", "lessThanOrEqual": "7.0.*", "status": "unaffected", "versionType": "semver"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "6.18.24"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "6.19.14"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "7.0.1"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/30fd9d8c82087742168db779929d8be0459b0716"}, {"url": "https://git.kernel.org/stable/c/4df77742e8b9a6b935bdf46f02fd0aca4d4ee7f5"}, {"url": "https://git.kernel.org/stable/c/c87938fc7d99a06a7e5477c45b4e5a4148f85d66"}], "title": "KVM: SEV: Lock all vCPUs when synchronzing VMSAs for SNP launch finish", "x_generator": {"engine": "bippy-1.2.0"}}}}