TTCSIRT-151.080218: TT-CSIRT Advisory – Linux Security Updates
Kernel.org has released a security update stating that a vulnerability in the Kernel-based Virtual Machine (KVM) virtualization subsystem of the Linux Kernel exists due to the vmx.c source code file failing to set the GDT.LIMIT value to the previous host. As a result, malicious entries could be placed in the Global Descriptor Table (GDT) on an affected system.
An attacker could exploit this vulnerability by submitting a request with malicious input to the targeted system thereby gaining elevated privileges.
|Further information on this vulnerability and how it can be mitigated can be found on the Kernel.org Website at https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3444d7da1839b851eefedd372978d8a982316c36|