CVE - CVE-2016-4440

CVE-ID
CVE-2016-4440	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
arch/x86/kvm/vmx.c in the Linux kernel through 4.6.3 mishandles the APICv on/off state, which allows guest OS users to obtain direct APIC MSR access on the host OS, and consequently cause a denial of service (host OS crash) or possibly execute arbitrary code on the host OS, via x2APIC mode.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:[oss-security] 20160520 CVE-2016-4440 Kernel: kvm: vmx: incorrect state update leading to MSR access URL:http://www.openwall.com/lists/oss-security/2016/05/20/2 MISC:http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=3ce424e45411cf5a13105e0386b6ecf6eeb4f66f URL:http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=3ce424e45411cf5a13105e0386b6ecf6eeb4f66f MISC:https://bugzilla.redhat.com/show_bug.cgi?id=1337806 URL:https://bugzilla.redhat.com/show_bug.cgi?id=1337806 MISC:https://github.com/torvalds/linux/commit/3ce424e45411cf5a13105e0386b6ecf6eeb4f66f URL:https://github.com/torvalds/linux/commit/3ce424e45411cf5a13105e0386b6ecf6eeb4f66f
Assigning CNA
Red Hat, Inc.
Date Record Created
20160502	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20160502)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)