Linux Kernel Vulnerability in QEMU VMware Mouse Emulation
CVE-2026-23215

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
18 February 2026

What is CVE-2026-23215?

A vulnerability within the Linux kernel's handling of VMware hypercalls has been identified, particularly affecting the QEMU VMware mouse emulation. This issue arises due to the improper handling of the %rdi register, where a bug in the QEMU vmmouse driver causes the upper 32 bits of %rdi to be cleared. This leads to page faults when dereferencing addresses that should contain valid kernel stack pointers. While the ideal resolution lies within the QEMU layer, a workaround has been implemented in the kernel to maintain compatibility with legacy setups. The issue has primarily manifested with vmware_hypercall3() and vmware_hypercall4(), highlighting the critical nature of robust memory access management in virtualization environments.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux 34bf25e820ae1ab38f9cd88834843ba76678a2fd < 2f467a92df61eb516a4ec36ee16234dd4e5ccf00

Linux 34bf25e820ae1ab38f9cd88834843ba76678a2fd

Linux 34bf25e820ae1ab38f9cd88834843ba76678a2fd < 2687c848e57820651b9f69d30c4710f4219f7dbf

References

https://git.kernel.org/stable/c/2f467a92df61eb516a4ec36ee...
https://git.kernel.org/stable/c/feb603a69f830acb58f78d604...
https://git.kernel.org/stable/c/2687c848e57820651b9f69d30...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.