News: 0001582083


Attack Vector Controls Can Now Manage VMSCAPE Mitigation

([Linux Security] 69 Minutes Ago Attack Vector Controls + VMSCAPE)


The [1]VMSCAPE vulnerability affecting both AMD and Intel CPUs was made public and mitigated within the mainline Linux kernel last month. Now merged for the in-development Linux 6.18 kernel is support for VMSCAPE in the recently-introduced Attack Vector Controls functionality.

[2]Attack Vector Controls was merged in Linux 6.17 as [3]a new means of controlling Linux CPU security vulnerability mitigations. With Attack Vector Controls you only need to manage the system/server use-cases, and in turn the classes of possible CPU security attacks (such as VM usage with guest-to-host attacks or cross-VM untrusted scenarios), rather than managing CPU mitigation options individually.

With Linux 6.18, VMSCAPE is now covered by the Attack Vector Controls support. Under Attack Vector Controls, VMSCAPE mitigations are applied only for those concerned about guest-to-host attack vectors.

This support was merged via the [4]x86/bugs pull.
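
As an added example (not from the article or the kernel tree), this host-audit sketch derives the guest-to-host vector state from a kernel command line and pairs it with the VMSCAPE status the kernel reports. The `no_guest_host` token and the sysfs path are taken from the kernel's attack vector and hw-vuln documentation; the function names and the output format are hypothetical.

```shell
#!/bin/sh
# Added example. Assumes a 6.17+ kernel built with attack vector support and
# the kernel default that every vector is mitigated unless opted out.

# guest_host_vector CMDLINE -> prints "on" or "off"
guest_host_vector() {
    state=on
    set -f                              # no globbing while word-splitting
    for arg in $1; do
        case $arg in
            mitigations=*) opts=${arg#mitigations=} ;;
            *) continue ;;
        esac
        old_ifs=$IFS; IFS=,
        for tok in $opts; do
            case $tok in
                # global off, or the per-vector opt-out for guest-to-host
                off|no_guest_host) state=off ;;
            esac
        done
        IFS=$old_ifs
    done
    set +f
    echo "$state"
}

# vmscape_report CMDLINE [SYSFS_FILE] -> "guest_host=<on|off> vmscape=<status>"
# SYSFS_FILE defaults to the kernel's vulnerability entry; the override exists
# so the function can be exercised against a constructed file.
vmscape_report() {
    file=${2:-/sys/devices/system/cpu/vulnerabilities/vmscape}
    vector=$(guest_host_vector "$1")
    if [ -r "$file" ]; then
        status=$(cat "$file")
    else
        status="unknown (no sysfs entry)"   # kernel predates the VMSCAPE fix
    fi
    echo "guest_host=$vector vmscape=$status"
}

# On a live host: vmscape_report "$(cat /proc/cmdline)"
```

On a KVM host, `guest_host=off` alongside a `Vulnerable` status means the boot configuration has opted out of the vector VMSCAPE belongs to. The sysfs line is what the kernel actually applied, so it is the value to alert on.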



[1] https://www.phoronix.com/news/Linux-VMSCAPE

[2] https://www.phoronix.com/search/Attack+Vector+Controls

[3] https://www.phoronix.com/news/Attack-Vector-Controls-6.17

[4] https://lore.kernel.org/lkml/20250926101136.GAaNZm2JLV-DqtF1IC@fat_crate.local/


