Linux kernel built with the KVM virtualisation support(CONFIG_KVM), with nested virtualisation(nVMX) feature enabled(nested=1), is vulnerable to host memory leakage issue. It could occur while emulating VMXON instruction in 'handle_vmon'. A L1 guest user could use this flaw to leak host memory potentially resulting in DoS. Upstream patch: --------------- -> https://www.spinics.net/lists/kvm/msg144319.html Reference: ---------- -> https://bugzilla.redhat.com/show_bug.cgi?id=1417812 ~ eleix (Security Padawan) Reproducible: Didn't try
~/git/linux/torvalds $ fix_in_what_release 06ce521af9558814b8606c0476c54497cf83a653 3.18.50 4.4.63 4.9.24 4.10.10