Releases: cloud-hypervisor/cloud-hypervisor
v52.0
This release has been tracked in v52.0 group of our roadmap project.
Security Fixes
This release fixes a use-after-free vulnerability in the
virtio-block async I/O completion path (#8220). Details can be found
in GHSA-f47p-p25q-83rh (CVE-2026-45782).
Confidential VM Support: KVM SEV-SNP
AMD SEV-SNP confidential VMs can now be launched on KVM in addition to
MSHV. Cloud Hypervisor uses guest_memfd to back private memory and
loads an IGVM-packaged firmware (e.g. Oak stage0) to bring up an
SEV-SNP guest on real hardware (#7942).
Measured-boot support has been completed for KVM SEV-SNP guests,
bringing parity with the QEMU launch flow: the kernel, command line,
and initrd are reflected in the launch measurement, and a signed SNP
ID block can be passed so the guest (or a remote attestor) can verify
the launch (#8123).
VFIO Device Passthrough via iommufd and vfio-cdev
Cloud Hypervisor now supports the modern Linux VFIO device-access
model based on the iommufd subsystem and per-device vfio-cdev
character devices (available since Linux v6.6). This unlocks the
advanced IOMMU features exposed by modern hardware and enables fully
accelerated IOMMU support inside the guest. The legacy
container/group-based path continues to be supported (#7981).
In addition, several VFIO/PCI improvements have landed:
- A new host_mmap_bars option allows selective mapping of VFIO BARs into the guest, so devices that expose registers that should not be fast-pathed can be selectively trapped (#7991).
- Sub-page VFIO BARs are now expanded to a full page for mmap(), avoiding spurious failures on devices with small BARs (#7939).
- VfioMsix::cap and VfioMsix::bar are now kept synchronized to avoid stale MSI-X state (#7993).
- VFIO MMIO regions are now reliably cleared in DeviceManager::drop (#8063).
- Deferred PCI BAR reprogramming state is now part of the saved device state (#7945).
- GSIs for MSI/MSI-X interrupt vectors are now allocated lazily, reducing GSI consumption for VMs with many devices (#7940).
Multi-Connection TCP Live Migration
The send-migration HTTP command now accepts a connections
parameter (defaults to 1) that controls how many parallel TCP
connections are used for the live migration data transfer. On
servers with high-bandwidth (e.g. 100G) network links, multiple
connections significantly increase migration throughput (#7669).
Userfaultfd Demand-Paged Snapshot Restore
A new memory_restore_mode option on the restore path allows guest
memory to be populated lazily via userfaultfd instead of reading
the entire memory snapshot before the VM resumes. This dramatically
reduces restore-to-resume latency for large guests, at the cost of
faulting pages in on demand after resume (#7800).
Configurable PCI BDFs for Devices
Users can now configure the PCI slot/device number, the middle
part of the PCI BDF, through the CLI and API; bus and function
remain fixed at 0. This covers virtio devices (except balloon),
VFIO devices, vfio-user device, and generic vhost-user devices
(#8175, #7965, #8174, #8163).
AIO Block Backend write_zeroes and punch_hole Support
The AIO block backend now implements write_zeroes and punch_hole,
fixing a v51.0 regression that affected guests on hosts with
io_uring disabled (e.g. RHEL 9 / CentOS Stream 9, where
kernel.io_uring_disabled=2 is a common hardening default)
(#7817).
Asynchronous QCOW2 Backend with io_uring
A new QcowDiskAsync backend uses io_uring for data I/O on QCOW2
images and is automatically selected when io_uring is available
(falling back to the synchronous backend otherwise). Each virtio
queue gets its own ring and its own duplicated file descriptor,
enabling parallel data I/O across queues; QCOW2 metadata is shared
behind an Arc<RwLock<_>> (#7882).
Generic vhost-user Device Support
A new generic vhost-user-generic device type has been added.
All information about the device (number of queues, queue size,
feature bits, etc.) is provided to Cloud Hypervisor via the
command line or API, allowing arbitrary vhost-user backends to be
attached without device-type-specific support in the VMM (#7221).
Core Scheduling for vCPU Threads
A new core_scheduling option on --cpus controls how vCPU threads
are placed on SMT siblings via the kernel's core-scheduling feature,
which is useful for mitigating cross-thread side-channel attacks
without disabling SMT outright. Three modes are supported: vm
(default — all vCPU threads share one cookie), one-cookie-per-vCPU,
and a configurable grouping mode (#7747).
Snapshot/Restore and Live Migration Improvements
- Snapshot and restore now treat the memory backing file as a sparse file: on snapshot the backing FD is sought with SEEK_DATA/SEEK_HOLE to skip unallocated regions, and on restore the on-disk file is read as sparse. Pages the guest never touched remain as holes in the backing file, substantially reducing both snapshot size and restore time (#8113).
- Paused VMs can now be migrated (#8099).
- User-configurable downtime and timeout parameters for live migration (#7835), and improved downtime observability (#7979).
- A new option to automatically resume the VM on restore, useful when restoring from the VMM command line without an API socket (#7857).
- Snapshot/restore support for vhost-user devices has been filled out (#7908), including migration support for virtio-fs (#7937).
- Vsock connections are now reset on snapshot restore to avoid stale half-open connections on the guest side (#7958).
- The KVM clock is now restored before vCPUs are resumed (#7932), and notify_guest_clock_paused is called for Hyper-V guests (#7933), eliminating clock jumps observed after restore.
- vhost-user devices receive a guest interrupt on resume so that in-flight I/O is not stalled across pause/resume (#7851), and activated queue eventfds are signaled on resume for all virtio devices (#8004).
- UFFDIO_WAKE and UFFD_FEATURE_MISSING_HUGETLBFS are now handled correctly (#8016).
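A worked illustration of the sparse-snapshot technique in the first item above, written for this page and not taken from Cloud Hypervisor's code base: it enumerates a backing file's allocated extents with SEEK_DATA/SEEK_HOLE and copies only those into the snapshot, leaving everything else as holes. It assumes a 64-bit Linux host (the lseek whence values and ENXIO are Linux's), and the 1 MiB demo image with two touched pages is a constructed sample.

```rust
// Added example, not Cloud Hypervisor's own code: walk a memory backing file
// with SEEK_DATA/SEEK_HOLE and copy only its allocated extents into a snapshot.
// Linux-only: whence/errno values are Linux's, lseek comes from the system libc.
use std::fs::{File, OpenOptions};
use std::io::{self, Read, Seek, SeekFrom, Write};
use std::os::unix::io::AsRawFd;

const SEEK_DATA: i32 = 3;
const SEEK_HOLE: i32 = 4;
const ENXIO: i32 = 6; // lseek(SEEK_DATA): no data at or after this offset

extern "C" {
    fn lseek(fd: i32, offset: i64, whence: i32) -> i64;
}

/// Data extents of `file` as ascending half-open ranges (start, end). A
/// filesystem without hole reporting returns the whole file as one extent,
/// so real data is never skipped, only what the kernel reports as a hole.
pub fn data_extents(file: &File) -> io::Result<Vec<(u64, u64)>> {
    let (fd, len) = (file.as_raw_fd(), file.metadata()?.len());
    let (mut extents, mut pos) = (Vec::new(), 0u64);
    while pos < len {
        // SAFETY: lseek only moves the offset of an fd we own; no memory is touched.
        let data = unsafe { lseek(fd, pos as i64, SEEK_DATA) };
        if data < 0 {
            let err = io::Error::last_os_error();
            if err.raw_os_error() == Some(ENXIO) { break; } // rest of file is a hole
            return Err(err);
        }
        let hole = unsafe { lseek(fd, data, SEEK_HOLE) };
        if hole < 0 { return Err(io::Error::last_os_error()); }
        extents.push((data as u64, hole as u64));
        pos = hole as u64;
    }
    Ok(extents)
}

/// Copy only the data extents of `src` into `dst`; `dst` gets the same logical
/// size but skipped ranges stay unallocated. Returns the bytes actually copied.
pub fn snapshot_sparse(mut src: &File, mut dst: &File) -> io::Result<u64> {
    dst.set_len(src.metadata()?.len())?;
    let mut buf = vec![0u8; 64 * 1024];
    let mut copied = 0u64;
    for (start, end) in data_extents(src)? {
        src.seek(SeekFrom::Start(start))?;
        dst.seek(SeekFrom::Start(start))?;
        let mut left = end - start;
        while left > 0 {
            let n = left.min(buf.len() as u64) as usize;
            src.read_exact(&mut buf[..n])?;
            dst.write_all(&buf[..n])?;
            left -= n as u64;
            copied += n as u64;
        }
    }
    Ok(copied)
}

/// Constructed sample input: a 1 MiB "guest memory" file with two touched
/// 4 KiB pages (at offset 0 and at 512 KiB) and nothing allocated elsewhere.
pub fn make_demo_image(path: &str) -> io::Result<File> {
    let mut f = OpenOptions::new().read(true).write(true).create(true).truncate(true).open(path)?;
    f.set_len(1 << 20)?;
    f.write_all(&[0xAB; 4096])?;
    f.seek(SeekFrom::Start(512 * 1024))?;
    f.write_all(&[0xCD; 4096])?;
    Ok(f)
}
```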
New Command-Line and API Options
- --no-shutdown keeps the VMM process running when the guest triggers a shutdown. This is useful for higher-level management layers that need full control over the VMM process (#8025).
- fw_cfg now supports inline string items via --fw-cfg name=...,string=..., matching QEMU's syntax (#7825).
- A new per-zone mergeable option on --memory-zone lets KSM merging be controlled per memory zone instead of only globally (#7983).
- Disk lock granularity is now configurable via --disk (#7763).
- --cpus threads_per_core is now enforced to be at most two (#8078), matching the hardware constraint.
- --log-format controls the log output format, complementing existing log-level controls (#8172). Wallclock log timestamps now use UTC (#8193).
- The HTTP API now logs error responses (#8181), and the user_devices configuration is included in the OpenAPI spec (#8072).
MSHV Support Improvements
- SVM_EXIT_CPUID, SVM_EXIT_MSR, and GHCB_MSR_TERM_REQ handlers have been added to the SEV-SNP exit path (#7934).
- Guest MTRR MSRs are now preserved on KVM (#7944).
- Nested-virtualization control fixes on AMD (#7783).
Deprecations
Auto-detection of disk image types is now deprecated and will be
removed in a future release. Specify the image type explicitly via
the --disk image_type=... CLI option or the image_type field
on DiskConfig in the HTTP/D-Bus API to avoid the deprecation
warning (#8219).
Notable Bug Fixes
- Fix a guest-triggerable VMM panic via an out-of-bounds queue_select in the MSI-X vector access path on the virtio PCI common config (#7918).
- Saturate instead of underflowing on a malformed balloon actual value reported by the guest (#7903).
- IOMMU address translation now returns errors instead of panicking on malformed guest input (#8023).
- Several virtio device error paths now reset queues instead of panicking or exiting the worker (#8128); additional device manager paths avoid guest-induced panics (#8186).
- Virtio barriers are now sized from the number of queues actually activated by the guest, fixing pause hangs (#7881).
- Spec compliance fixes for virtio device config layouts (#7805) and other small spec deviations (#8066).
- Console descriptor-chain processing has been fixed (#7802).
- dword writes to the MSI-X control register are now handled (#7956).
- PCI segment ACPI _UID values now match the segment ID (#7992).
- Fix VHDX multiqueue data corruption (#7746).
- Fix block-device resize-disk (#7948) and the writeback-mode update flow (#7949).
- Fix vdpa RX failure after device reset by always using base 0 (#7964).
- Fix rebooting with landlock and a pty console (#7911).
- Reject rate limiting with vhost-user (#8135).
- Fix a deadlock between CpuManager::pause() and MMIO writes to the ACPI CPU hotplug controller (#7990, #8092).
- Cancel vhost-user reconnection if the device has been unplugged (#8182).
- Remove the API socket path when start_vmm fails (#8018).
v51.2
This is a point release containing security fixes to a use-after-free
vulnerability in the virtio-block async I/O completion path
(#8220). Details can be found in GHSA-f47p-p25q-83rh (CVE-2026-45782).
v50.2
v51.1
v51.0
This release has been tracked in v51.0 group of our roadmap project.
Security Fixes
This release fixes a security vulnerability in disk image handling.
Details can be found in GHSA-jmr4-g2hv-mjj6.
- A new backing_files=on|off option has been added to --disk to explicitly control whether QCOW2 backing files are permitted. This defaults to off to prevent the loading of backing files entirely. (#7685)
- Explicit image type specification via the user interface, removing reliance on format autodetection (#7728).
- Prevent sector-zero writes for autodetected raw images (#7728).
Significant QCOW2 v3 Improvements
A large number of QCOW2 v3 specification features have been implemented:
- RAW backing file support for QCOW2 overlays (#7570)
- Zero bit in L2 entries (#7627)
- Incompatible feature bit validation (#7612)
- Dirty bit support (#7636)
- Variable refcount widths (1 to 64-bit) (#7633)
- Corrupt bit detection and marking (#7639)
- Autoclear feature bits handling (#7648)
- Thread safety fix for multiple virtio queues (num_queues > 1) (#7661)
- Correct zero-fill for reads beyond backing file size (#7678)
- Live disk resize support (#7687)
ACPI Generic Initiator Support
ACPI Generic Initiator Affinity (SRAT Type 5) support has been added
to associate VFIO-PCI devices with dedicated memory/CPU-less NUMA
nodes. This enables the guest OS to make NUMA-aware memory allocation
decisions for device workloads. A new device_id parameter has been
added to --numa for specifying VFIO devices. (#7626)
Block Device DISCARD and WRITE_ZEROES Support
The virtio-blk device now supports DISCARD and WRITE_ZEROES
operations for QCOW2 and RAW image formats. This enables thin
provisioning and efficient space reclamation when guests trim
filesystems. A new sparse=on|off option has been added to --disk to
control disk space management: sparse=on (default) enables thin
provisioning with space reclamation, while sparse=off provides thick
provisioning with consistent I/O latency. (#7666)
Notable Performance Improvements
- Transparent Huge Pages (THP) support has been extended to cover anonymous shared memory (shared=on) via madvise. Previously, THP was only used for non-shared memory. (#7646)
- The vhost-user-net device now uses the default set of vhost-user virtio features, including VIRTIO_F_RING_INDIRECT_DESC, which provides a performance improvement. (#7653)
MSHV Support Improvements
- Optimize CPU state update after emulation by only updating special registers when changed (#7603)
- Enable SMT for guests with threads_per_core > 1 (#7668)
- Stub save_data_tables() to unblock VM pause/resume (#7692)
- Handle GHCB_INFO_SPECIAL_DBGPRINT VMG exit in SEV-SNP guest exit handler (#7703)
- Fix CVM boot failure on MSHV (#7548)
- Fix CPU topology detection for multithreaded configurations (#7576)
Notable Bug Fixes
- Fix VFIO device hot-remove leaving group and container file descriptors open, preventing re-add (#7676)
- Fix snapshot restore when backing file is on read-only storage with shared=false (#7674)
- Enforce VIRTIO_BLK_F_RO even if guest does not negotiate it (#7705)
- Fix read-only block device FLUSH requests from OVMF preventing VMs from booting (#7706)
- Fix vhost-user device not properly dropping unowned file descriptors (#7679)
- Fix vhost-user-block get_config interoperability (#7617)
- Fix vsock TOCTOU race condition by copying packet header from guest memory before processing (#7530)
- Fix vsock handling of large TX packets spanning multiple data descriptors (#7680)
- Add gettid() to all seccomp filters (#7596)
- Fix MAC address parsing that wrongly allowed + instead of hex characters (#7579)
- Improve UUID parse error message and --net fd help text (#7702)
- Fix various inconsistencies in our OpenAPI specification file (#7716, #7726)
- Various documentation fixes (#7602, #7606)
Contributors
Many thanks to everyone who has contributed to our release:
- Aastha Rawat aastharawat@microsoft.com
- Alyssa Ross hi@alyssa.is
- Anatol Belski anbelski@linux.microsoft.com
- Anirudh Rayabharam anrayabh@microsoft.com
- Bo Chen bchen@crusoe.ai
- Champ-Goblem cameron@northflank.com
- Changyuan Lyu changyuanl@google.com
- Damian Barabonkov dbctl@pm.me
- Demi Marie Obenour demiobenour@gmail.com
- Leander Kohler leander.kohler@cyberus-technology.de
- Muminul Islam muislam@microsoft.com
- Philipp Schuster philipp.schuster@cyberus-technology.de
- Rob Bradford rbradford@meta.com
- Rowen-Ye rowenye1@gmail.com
- Saravanan D saravanand@crusoe.ai
- Stanislav Kinsburskii skinsburskii@linux.microsoft.com
- Thomas Leroy thomas.leroy.mp@gmail.com
- Wei Liu liuwe@microsoft.com
- Yi Wang foxywang@tencent.com
- Zhibin Li banlu.lzb@antgroup.com
- stevenhorsman steven@uk.ibm.com
v50.1
This is a point release containing security fixes and bug fixes.
Security Fixes
This release fixes a security vulnerability in disk image handling.
Details can be found in GHSA-jmr4-g2hv-mjj6.
- A new backing_files=on|off option has been added to --disk to explicitly control whether QCOW2 backing files are permitted. This defaults to off to prevent the loading of backing files entirely. (#7685)
- Explicit image type specification via the user interface, removing reliance on format autodetection (#7728).
- Prevent sector-zero writes for autodetected raw images (#7728).
Bug Fixes
v50.0
This release has been tracked in v50.0 group of our roadmap project.
Configurable Nested Virtualization Option on x86_64
The nested=on|off option has been added to --cpu to allow users
to configure nested virtualization support in the guest on x86_64
hosts (for both KVM and MSHV). The default value is on to maintain
consistency with existing behavior. (#7408)
Compression Support for QCOW2
QCOW2 support has been extended to handle compression clusters based on
zlib and zstd. (#7462)
Notable Performance Improvements
Performance of live migration has been improved via an optimized
implementation of dirty bitmap maintenance. (#7468)
Live Disk Resizing Support for Raw Images
The /vm.resize-disk API has been introduced to allow users to resize block
devices backed by raw images while a guest is running. (#7476)
Developer Experience Improvements
Significant improvements have been made to developer experience and
productivity. These include a simplified root manifest, codified and
tightened Clippy lints, and streamlined workflows for cargo clippy and
cargo test. (#7489)
Improved File-level Locking Support
Block devices now use byte-range advisory locks instead of whole-file
locks. While both approaches prevent multiple Cloud Hypervisor instances
from simultaneously accessing the same disk image with write
permissions, byte-range locks provide better compatibility with network
storage backends. (#7494)
Logging Improvements
Logs now include event information generated by the event-monitor
module. (#7512)
Notable Bug Fixes
- Fix several issues around CPUID in the guest (#7485, #7495, #7508)
- Fix snapshot/restore for Windows Guest (#7492)
- Respect queue size in block performance tests (#7515)
- Fix several Serial Manager issues (#7502)
- Fix several seccomp violation issues (#7477, #7497, #7518)
- Fix various issues around block and qcow (#7526, #7528, #7537, #7546, #7549)
- Retrieve MSRs list correctly on MSHV (#7543)
- Fix live migration (and snapshot/restore) with AMX state (#7534)
Contributors
Many thanks to everyone who has contributed to our release:
- Anatol Belski anbelski@linux.microsoft.com
- Anirudh Rayabharam anrayabh@microsoft.com
- Bo Chen bchen@crusoe.ai
- Changyuan Lyu changyuanl@google.com
- Chengyu Fu chengyu.fu@linux.alibaba.com
- Connor Brewster cbrewster@hey.com
- Demi Marie Obenour demiobenour@gmail.com
- Eugene Korenevsky ekorenevsky@aliyun.com
- Julian Stecklina julian.stecklina@cyberus-technology.de
- Matt Moriarity matt@mattmoriarity.com
- Muminul Islam muislam@microsoft.com
- Oliver Anderson oliver.anderson@cyberus-technology.de
- Pascal Scholz pascal.scholz@cyberus-technology.de
- Philipp Schuster philipp.schuster@cyberus-technology.de
- Praveen K Paladugu prapal@linux.microsoft.com
- Rob Bradford rbradford@rivosinc.com
- Sebastien Boeuf seb@rivosinc.com
- Songqian Li sionli@tencent.com
- Stefan Nürnberger stefan.nuernberger@cyberus-technology.de
- Thomas Prescher thomas.prescher@cyberus-technology.de
- Wei Liu liuwe@microsoft.com
v49.0
This release has been tracked in v49.0 group of our roadmap project.
MSHV Support Improvements
On AArch64 with MSHV, firmware boot (#7391) and graceful guest shutdown
(#7354) are now supported, and CI coverage has been added (#7381).
Logging Improvements
Logs now use an improved timestamp format (#7355), emit an explicit
message on graceful shutdown (#7346), and reduce noisy warnings with
newer guest kernels (#7423).
Removed Default IP and Mask for virtio-net Devices
The implicit default IP (192.168.249.1) and netmask (255.255.255.0) for
virtio-net devices have been removed, as previously announced in the
deprecation notice two releases ago (#7365). Users can now create
virtio-net devices with no IP and netmask assigned.
Notable Bug Fixes
- Prevent crash on malformed vsock connect requests (#7310)
- Drop the VFIO container when no VFIO devices are active (#7364)
- Gracefully close preserved file descriptors on hot device removal (#7371)
- Fix race condition in pause–resume cycles (#7397)
- Add NetConfig offload parameters to the OpenAPI spec file (#7445)
- Fix seccomp filter violation from the http-server thread (#7454)
Contributors
Many thanks to everyone who has contributed to our release:
- Aastha Rawat aastharawat@microsoft.com
- Alyssa Ross hi@alyssa.is
- Anirudh Rayabharam anrayabh@microsoft.com
- Ariel Chenet apchenet@gmail.com
- Bo Chen bchen@crusoe.ai
- Can Zhang icloud9957@gmail.com
- Eugene Korenevsky ekorenevsky@aliyun.com
- Maximilian Güntner code@mguentner.de
- Muminul Islam muislam@microsoft.com
- Oliver Anderson oliver.anderson@cyberus-technology.de
- Philipp Schuster philipp.schuster@cyberus-technology.de
- Rob Bradford rbradford@rivosinc.com
- Ruoqing He heruoqing@iscas.ac.cn
- Wei Liu liuwe@microsoft.com
- Yi Wang foxywang@tencent.com
v48.0
This release has been tracked in v48.0 group of our roadmap project.
Experimental fw_cfg Device Support
This feature enables passing configuration data and files, such as VM
boot configurations (kernel, kernel cmdline, e820 memory map, and ACPI
tables), from the host to the guest. (#7117)
Experimental ivshmem Device Support
Support for inter-VM shared memory has been added. For more information,
please refer to the ivshmem documentation. (#6703)
Firmware Boot Support on riscv64
In addition to direct kernel boot, firmware boot support has been added
on riscv64 hosts. (#7249)
Increased vCPU Limit on x86_64/kvm
The maximum number of supported vCPUs on x86_64 hosts using KVM has been
raised from 254 to 8192. (#7299)
Improved Block Performance with Small Block Sizes
Performance for virtio-blk with small block sizes (16KB and below)
is enhanced via submitting async IO requests in batches. (#7146)
Faster VM Pause Operation
The VM pause operation now is significantly faster particularly for VMs
with a large number of vCPUs. (#7290)
Updated Documentation on Windows Guest Support
Our Windows documentation now includes instructions to run Windows 11
guests, in addition to Windows Server guests. (#7218)
Policy on AI Generated Code
We will decline any contributions known to contain contents generated or
derived from using Large Language Models (LLMs). Details can be found
in our contributing documentation. (#7162)
Removed SGX Support
The SGX support has been removed, as announced in the deprecation notice two
release cycles ago. (#7093)
Notable Bug Fixes
Contributors
Many thanks to everyone who has contributed to our release:
- Alex Orozco alexorozco@google.com
- Alyssa Ross hi@alyssa.is
- Anirudh Rayabharam anrayabh@microsoft.com
- Bo Chen bchen@crusoe.ai
- Demi Marie Obenour demiobenour@gmail.com
- Lucas Grosche lucas.grosche@cyberus-technology.de
- Muminul Islam muislam@microsoft.com
- Oliver Anderson oliver.anderson@cyberus-technology.de
- Peter Oskolkov posk@google.com
- Philipp Schuster philipp.schuster@cyberus-technology.de
- Ruoqing He heruoqing@iscas.ac.cn
- Shubham Chakrawar schakrawar@crusoe.ai
- Songqian Li sionli@tencent.com
- Wei Liu liuwe@microsoft.com
v47.0
This release has been tracked in v47.0 group of our roadmap project.
Block Device Error Reporting to the Guest
Instead of exiting on I/O errors, the virtio-block device now reports
errors to the guest using VIRTIO_BLK_S_IOERR. It improves the user
experience particularly when the guest rootfs is not backed by the
affected block device. (#7107)
Nice Error Messages on Exit
We now have the chain of errors being reported and printed nicely, when
Cloud Hypervisor or ch-remote exits on errors. (#7066)
Alphabetically Sorted CLI Options for ch-remote
To improve readability, ch-remote now prints help information in
alphabetical order. (#7130)
Notable Bug Fixes
- Error out early when block device serial is too long (#7124)
- Fix partial commands being discarded for virtio-vsock (#7195)
- Disable the broken interrupt support for the rtc_pl031 device to prevent spurious guest interrupts (#7199)
Deprecations
- A default IP (192.168.249.1) and mask (255.255.255.0) are currently assigned to the virtio-net device if no value is specified by users. Such behavior is now deprecated. Users of this behavior will receive a warning message and should make adjustments. The behavior will be removed in two release cycles (v49.0).
Contributors
Many thanks to everyone who has contributed to our release:
- Alyssa Ross hi@alyssa.is
- Bo Chen bchen@crusoe.ai
- Demi Marie Obenour demiobenour@gmail.com
- Gauthier Jolly contact@gjolly.fr
- Hengqi Chen hengqi.chen@gmail.com
- Jinank Jain jinankjain@microsoft.com
- Jinrong Liang cloudliang@tencent.com
- Jean-Philippe Brucker jean-philippe@linaro.org
- Maximilian Güntner code@mguentner.de
- Muminul Islam muislam@microsoft.com
- Nuno Das Neves nunodasneves@linux.microsoft.com
- Philipp Schuster philipp.schuster@cyberus-technology.de
- Ruoqing He heruoqing@iscas.ac.cn
- Songqian Li sionli@tencent.com
- Wei Liu liuwe@microsoft.com
- Yi Wang foxywang@tencent.com
- ninollei ninollx@hotmail.com