RepoJournal
Linux

Linux

The kernel, distros, and the rigs of the moment

Pick a date

  1. Sun 3 may
  2. Mon 4 may
  3. Tue 5 may
  4. Wed 6 may
  5. Thu 7 may
  6. Fri 8 may
  7. Sat 9 may
  8. Sun 10 may
  9. Mon 11 may
  10. Tue 12 may
  11. Wed 13 may
  12. Thu 14 may
  13. Fri 15 may
  14. Sat 16 may
  15. Sun 17 may
  16. Tue 19 may
  17. Wed 20 may
  18. Thu 21 may
  19. Sat 23 may
  20. Sun 24 may
  21. Mon 25 may
  22. Tue 26 may
  23. Wed 27 may
  24. Fri 29 may
  25. Sat 30 may
  26. Sun 31 may
  27. Mon 1 jun
  28. Mon 8 jun
  29. Tue 9 jun
  30. Today 10 jun

The Wire · Showcase

KVM SHADOW PAGING USE-AFTER-FREE CLOSES 16-YEAR-OLD HOLE

By RepoJournal · Filed · About Linux

The kernel patched a critical use-after-free in KVM's x86 shadow MMU that has been exploitable since the first KVM series shipped — a bug that only surfaces when guest page tables change between VM entries.

Paolo Bonzini merged three x86 KVM fixes overnight that address a cascade of interrupt and memory management bugs [2]. The most severe is the shadow paging use-after-free [1], which stems from a fundamental assumption break: the shadow MMU calculates guest frame numbers using the shadow page's base GFN plus the SPTE index, but this math fails when guest page tables are modified mid-execution. The same batch fixes nested EPT/NPT hypercall validation [3] that could allow L2 guests to invoke slow flush operations when nested paging isn't enabled, and corrects the IRR interrupt reporting logic [4] [5] that was silently dropping pending interrupts during nested VM stress tests. These are production-critical fixes — the shadow paging bug alone has had 16 years to spread, and the interrupt reporting flaw causes hard-to-debug warning cascades in nested virtualization setups.

Action items

References

  1. [1] KVM: x86: Fix shadow paging use-after-free due to unexpected GFN torvalds/linux
  2. [2] Merge tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm torvalds/linux
  3. [3] KVM: x86: check for nEPT/nNPT in slow flush hypercalls torvalds/linux
  4. [4] KVM: x86: Fix misleading variable names and add more comments for PIR=>IRR flow torvalds/linux
  5. [5] KVM: x86: Do IRR scan in __kvm_apic_update_irr even if PIR is empty torvalds/linux

FAQ

What changed in Linux on May 4, 2026?
The kernel patched a critical use-after-free in KVM's x86 shadow MMU that has been exploitable since the first KVM series shipped — a bug that only surfaces when guest page tables change between VM entries.
What should Linux teams do about it?
Pull latest KVM fixes from torvalds/linux before next stable release • Monitor nested VM interrupt handling if running hypervisors at scale
Which Linux repositories shipped on May 4, 2026?
torvalds/linux

Related across the cluster

For your repos

The showcase is a teaser.
Your wire is the product.

Same engine. Different stack. Below: what changes when the wire is yours.

Showcase wire

  • 14 famous open source orgs
  • One wire per day
  • Public, generic
  • Read on the web, when you remember

Your wire

  • Up to 1,500 of your repos - orgs, deps, vendors
  • Morning and evening briefs
  • Action items routed to your team
  • Slack delivery, email, breaking-news CVE alerts

Want a hands-on demo first? Ask a current user for an invite link.