Impact
A bug in the KVM SVM module caused the invalid opcode exception (#UD) to be omitted when a guest executed the INVLPGA instruction while the SVME (Secure Virtual Machine Enable) bit in the EFER register was cleared. Because the exception was never delivered, the guest could continue past an instruction that should have faulted, giving it a foothold for code execution that can potentially break isolation between the guest and the host kernel. The weakness type is CWE-390 (Detection of Error Condition Without Action), reflecting the failure to generate a #UD when the SVME bit is cleared.
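To make the missing check concrete, the following is an added, simplified model of an INVLPGA exit handler, written for this page rather than taken from the kernel: the unpatched handler completes the instruction regardless of EFER.SVME, while the patched handler queues #UD and leaves RIP on the faulting instruction. The EFER_SVME bit position, the #UD vector number and the INVLPGA encoding length are architectural; the struct, function names and the 0x1000 RIP are constructed stand-ins.

```c
#include <stdbool.h>
#include <stdint.h>

/* Simplified model of a KVM-style INVLPGA exit handler (added example, not
 * kernel code). EFER_SVME (bit 12) and UD_VECTOR (6) match the x86
 * architecture; everything else is a constructed stand-in. */
#define EFER_SVME   (1ULL << 12)
#define UD_VECTOR   6
#define INVLPGA_LEN 3           /* INVLPGA encodes as 0F 01 DF */

struct vcpu {
    uint64_t efer;
    uint64_t rip;
    bool     exception_pending;
    int      exception_vector;
    unsigned tlb_flushes;       /* number of emulated INVLPGA completions */
};

/* A faulting instruction does not retire: RIP is left pointing at the
 * INVLPGA so the guest's #UD handler sees the offending instruction. */
static void queue_exception(struct vcpu *v, int vector)
{
    v->exception_pending = true;
    v->exception_vector  = vector;
}

/* Behaviour the advisory describes: the TLB flush is emulated and the
 * instruction skipped whether or not SVME is set. */
int invlpga_handler_unpatched(struct vcpu *v)
{
    v->tlb_flushes++;
    v->rip += INVLPGA_LEN;
    return 1;
}

/* Corrected behaviour: with EFER.SVME clear, an SVM instruction must raise
 * #UD instead of being executed. */
int invlpga_handler_patched(struct vcpu *v)
{
    if (!(v->efer & EFER_SVME)) {
        queue_exception(v, UD_VECTOR);
        return 1;
    }
    v->tlb_flushes++;
    v->rip += INVLPGA_LEN;
    return 1;
}

/* Run one INVLPGA exit through either handler on a fresh vCPU with the
 * given EFER and report whether #UD was queued. */
bool invlpga_raises_ud(uint64_t efer, bool patched)
{
    struct vcpu v = { .efer = efer, .rip = 0x1000 };
    (patched ? invlpga_handler_patched : invlpga_handler_unpatched)(&v);
    return v.exception_pending && v.exception_vector == UD_VECTOR;
}
```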
Affected Systems
The flaw is present in the Linux kernel's KVM virtualization subsystem. The affected vendor is Linux and the product is the Linux kernel itself. No specific kernel versions are listed, so any kernel build that includes the unpatched KVM SVM code should be treated as potentially vulnerable.
Risk and Exploitability
The CVSS score is 5.5 and no EPSS score is available; the vulnerability is rated medium severity because it can allow a guest to escape isolation. The KEV catalog does not currently list this flaw, suggesting that no widespread active exploitation has been reported. Based on the description, the attack vector is inferred to be local to the guest VM: an attacker would need to control a guest and execute privileged instructions. The flaw can be exploited without any software beyond the guest workload, making it potentially useful to attackers who have already gained a foothold in a virtualized environment.
OpenCVE Enrichment