|Description||The handle_dr function in arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel before 18.104.22.168 does not properly verify the Current Privilege Level (CPL) before accessing a debug register, which allows guest OS users to cause a denial of service (trap) on the host OS via a crafted application.|
|Source||CVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub advisories/code/issues, web search, more)|
The information below is based on the following data on fixed versions.
[etch] - linux-2.6 <not-affected> (issue introduced in 2.6.30-rc1)
[lenny] - linux-2.6 <not-affected> (issue introduced in 2.6.30-rc1)