A flaw was found in Linux kernels KVM virtualization subsystem. The VMX code does not restore the GDT.LIMIT to the previous host value, but instead sets it to 64KB. With a corrupted GDT limit a hosts userspace code has an ability to place malicious entries in the GDT, particularly to the per-cpu variables. An attacker can use this to escalate their privileges.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Linux_kernel | Linux | * | 2.6.36 (excluding) |