CVE-2026-23005 Overview
A kernel panic vulnerability has been identified in the Linux kernel's x86/fpu subsystem affecting KVM virtualization. The flaw occurs in the handling of guest XSAVE state when XFD (Extended Feature Disable) is enabled. When loading guest XSAVE state via KVM_SET_XSAVE or when updating XFD in response to a guest WRMSR instruction, the kernel fails to clear XFD-disabled features in the saved XSTATE_BV, leading to a kernel panic condition.
The vulnerability is triggered when the kernel executes XRSTOR with the guest's XFD while having XSTATE_BV[i]=1 with XFD[i]=1, causing a #NM (Device Not Available) exception that crashes the host kernel.
Critical Impact
This vulnerability can cause complete host kernel panic when running KVM guests using AMX (Advanced Matrix Extensions) features, resulting in denial of service affecting all virtualized workloads on the affected host.
Affected Products
- Linux kernel with KVM virtualization support
- Systems with Intel AMX (Advanced Matrix Extensions) capabilities
- KVM-based virtualization platforms (QEMU, libvirt, etc.)
Discovery Timeline
- 2026-01-25 - CVE CVE-2026-23005 published to NVD
- 2026-01-26 - Last updated in NVD database
Technical Details for CVE-2026-23005
Vulnerability Analysis
The vulnerability exists in the Linux kernel's FPU (Floating Point Unit) management code for KVM guests, specifically in how the kernel handles extended processor state (XSAVE/XRSTOR) when XFD is active.
When a guest VM executes WRMSR(MSR_IA32_XFD) to set XFD[18] = 1, and a host IRQ triggers kernel_fpu_begin() prior to the vmexit handler's call to fpu_update_guest_xfd(), the XSTATE_BV and XFD bits become desynchronized. Similarly, when userspace applications use KVM_SET_XSAVE to set XSTATE_BV[i]=1 while XFD[i]=1, the condition for kernel panic is met.
Upon the subsequent XRSTOR operation, the processor raises a #NM exception because it encounters an enabled bit in XSTATE_BV for a feature that is disabled via XFD. The kernel's exception handler at exc_device_not_available+0x101/0x110 triggers a WARNING followed by a panic, as this condition is not properly handled.
The crash occurs in the restore_fpregs_from_fpstate() function during FPU state restoration, affecting critical KVM code paths including kvm_arch_vcpu_ioctl_run() and kvm_load_guest_fpu().
Root Cause
The root cause is a race condition between guest XFD modifications and kernel interrupt handling. The fpu_update_guest_xfd() function sets XFD without first clearing the corresponding bits in XSTATE_BV, creating a window where:
- Guest executes WRMSR(MSR_IA32_XFD) to disable a feature
- A host interrupt occurs, triggering kernel FPU operations
- The FPU state is saved with the old XFD value but the guest's XSTATE_BV
- When restoring, XRSTOR encounters XSTATE_BV[i]=1 with XFD[i]=1, causing #NM
Additionally, userspace can directly trigger this condition by using KVM_SET_XSAVE to inject malformed FPU state where XSTATE_BV bits are set for XFD-disabled features.
Attack Vector
The vulnerability can be triggered through two primary vectors:
Race Condition Vector: An attacker running a guest VM can repeatedly toggle AMX features via MSR writes while generating interrupt activity on the host. The timing window between the WRMSR and fpu_update_guest_xfd() allows the race condition to manifest.
Userspace Injection Vector: A local attacker with access to KVM device files can craft a malicious XSAVE state buffer and inject it via the KVM_SET_XSAVE ioctl, directly setting XSTATE_BV bits for XFD-disabled features without requiring precise timing.
Both vectors result in host kernel panic, causing denial of service for all VMs and workloads on the affected system.
Detection Methods for CVE-2026-23005
Indicators of Compromise
- Kernel panic messages referencing exc_device_not_available in call traces
- Crash logs showing restore_fpregs_from_fpstate+0x36/0x90 in the stack trace
- System reboots coinciding with KVM guest AMX feature usage
- Kernel warnings at arch/x86/kernel/traps.c:1524 related to FPU operations
Detection Strategies
- Monitor kernel logs for WARNING messages containing exc_device_not_available and amx_test or similar AMX-related processes
- Implement kernel crash dump analysis to identify FPU/XSAVE-related panics
- Track KVM_SET_XSAVE ioctl calls with XSTATE_BV bits set for AMX components
- Enable kernel tracing on fpu_update_guest_xfd() and related FPU management functions
Monitoring Recommendations
- Configure kdump or similar crash dump mechanisms to capture kernel panics for analysis
- Monitor dmesg output for FPU-related warnings or errors on KVM hosts
- Implement alerting on unexpected host reboots when running virtualized AMX workloads
- Review audit logs for suspicious KVM_SET_XSAVE ioctl patterns from non-privileged users
How to Mitigate CVE-2026-23005
Immediate Actions Required
- Apply the latest Linux kernel patches that address the XSTATE_BV/XFD synchronization issue
- Consider temporarily disabling AMX feature passthrough to guests if patching is not immediately possible
- Restrict access to KVM device files to trusted users and processes
- Implement kernel live patching if available to apply fixes without system reboot
Patch Information
The fix ensures that XSTATE_BV[i] is cleared whenever XFD[i]=1, maintaining consistency between the two state indicators. This aligns with the Intel SDM specification which states that XSAVE operations save XSTATE_BV as '0' for XFD-disabled components. The patch modifies fpu_update_guest_xfd() and the KVM_SET_XSAVE handler to enforce this invariant.
Kernel patches are available in the following commits:
Workarounds
- Disable AMX feature exposure to guest VMs by removing +amx-bf16,+amx-tile,+amx-int8 from QEMU CPU flags
- Use KVM module parameters to restrict XFD-capable features if supported by your kernel version
- Implement SELinux or AppArmor policies to restrict KVM_SET_XSAVE ioctl access
- Run untrusted guest workloads on hosts without AMX-capable processors
# Configuration example
# Disable AMX features in QEMU guest configuration
# Add to QEMU command line or libvirt XML
# QEMU: -cpu host,-amx-bf16,-amx-tile,-amx-int8
# Or modify /etc/modprobe.d/kvm.conf to restrict KVM features
echo "options kvm enable_amx=0" >> /etc/modprobe.d/kvm.conf
modprobe -r kvm_intel kvm
modprobe kvm_intel
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.
