KVM: nSVM: Triple fault if restore host CR3 fails on nested #VMEXIT
CVE-2026-46032 is a vulnerability related to KVM nested virtualization on Microsoft platforms, specifically involving a triple fault occurring if restoring the host CR3 register fails during a nested VM exit. The available information is limited and does not provide technical details beyond this behavior. No CVSS score or detailed impact analysis is available. There is no indication of known exploits in the wild or patch availability. The affected products include Microsoft and Azure Linux 3. 0 versions. Due to the lack of detailed data, the severity is assessed as medium based on the potential for system instability caused by a triple fault in virtualization environments.
AI Analysis
Technical Summary
This vulnerability involves the KVM (Kernel-based Virtual Machine) nested virtualization feature on Microsoft platforms, where a failure to restore the host CR3 register during a nested VM exit can cause a triple fault, leading to a system crash or instability. The issue affects Microsoft and Azure Linux 3.0 versions. No further technical details, CVSS score, or patch information are provided in the available data.
Potential Impact
The vulnerability can cause a triple fault, which typically results in a system crash or reboot, potentially leading to denial of service in affected virtualized environments. There is no information about exploitation in the wild or additional impacts such as privilege escalation or data compromise.
Mitigation Recommendations
Patch status is not yet confirmed — check the Microsoft Security Response Center advisory for current remediation guidance. No vendor advisory or patch links are provided in the available data. Until official guidance is available, monitor vendor communications for updates.
KVM: nSVM: Triple fault if restore host CR3 fails on nested #VMEXIT
Description
CVE-2026-46032 is a vulnerability related to KVM nested virtualization on Microsoft platforms, specifically involving a triple fault occurring if restoring the host CR3 register fails during a nested VM exit. The available information is limited and does not provide technical details beyond this behavior. No CVSS score or detailed impact analysis is available. There is no indication of known exploits in the wild or patch availability. The affected products include Microsoft and Azure Linux 3. 0 versions. Due to the lack of detailed data, the severity is assessed as medium based on the potential for system instability caused by a triple fault in virtualization environments.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
This vulnerability involves the KVM (Kernel-based Virtual Machine) nested virtualization feature on Microsoft platforms, where a failure to restore the host CR3 register during a nested VM exit can cause a triple fault, leading to a system crash or instability. The issue affects Microsoft and Azure Linux 3.0 versions. No further technical details, CVSS score, or patch information are provided in the available data.
Potential Impact
The vulnerability can cause a triple fault, which typically results in a system crash or reboot, potentially leading to denial of service in affected virtualized environments. There is no information about exploitation in the wild or additional impacts such as privilege escalation or data compromise.
Mitigation Recommendations
Patch status is not yet confirmed — check the Microsoft Security Response Center advisory for current remediation guidance. No vendor advisory or patch links are provided in the available data. Until official guidance is available, monitor vendor communications for updates.
Technical Details
- Gcve Source
- db.gcve.eu
- Csaf Category
- csaf_vex
- Csaf Version
- 2.0
- Publisher
- Microsoft Security Response Center
- Advisory Id
- msrc_CVE-2026-46032
- Cve Count
- 1
- Additional Cves
- []
- Cvss Version
- null
Threat ID: 6a18ab82e29bf47b50288eea
Added to database: 5/28/2026, 8:54:26 PM
Last enriched: 5/28/2026, 9:06:19 PM
Last updated: 5/29/2026, 6:23:50 AM
Views: 2
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.