| Description: | The vcpu_scan_ioapic function in arch/x86/kvm/x86.c in the Linux kernel through 4.19.2 allows local users to cause a denial of service (NULL pointer dereference and BUG) via crafted system calls that reach a situation where ioapic is uninitialized. Wei Wu discovered that the KVM implementation in the Linux kernel did not properly ensure that ioapics were initialized. A local attacker could use this to cause a denial of service (system crash).
|