| Description: | arch/x86/kvm/vmx.c in the Linux kernel through 4.6.3 mishandles the APICv on/off state, which allows guest OS users to obtain direct APIC MSR access on the host OS, and consequently cause a denial of service (host OS crash) or possibly execute arbitrary code on the host OS, via x2APIC mode. XXX-no-USN-needed-see-NOTE-XXX It was discovered that the Linux kernel mishandles the APICv on/off state, allowing guest OS users direct APIC MSR access on the host OS. A local attacker could use this to cause a denial of service (host OS crash), or possibly execute arbitrary code with administrative privileges in the host OS.
|