Linux kernel built for the x86 architecture, with the KVM virtualisation support(CONFIG_KVM) is vulnerable to a NULL pointer dereference flaw. It could occur while doing KVM's Virtual CPU ioctl(2) call, in Linux kernel's kvm_apic_has_events() function.
An unprivileged user able to access "/dev/kvm" device, could use this flaw to crash the system kernel resulting in DoS.
Created kernel tracking bugs for this issue:
Affects: fedora-all [bug 1230774]
This issue does not affect the versions of Linux kernel as shipped with
Red Hat Enterprise Linux 5, 6 and Red Hat Enterprise MRG 2.
This issue affects the version of the kernel package as shipped with
Red Hat Enterprise Linux 7.
This has been rated as having Moderate security impact and is not currently
planned to be addressed in future updates. For additional information, refer
to the Red Hat Enterprise Linux Life Cycle:
kernel-4.0.6-300.fc22 has been pushed to the Fedora 22 stable repository. If problems still persist, please make note of it in this bug report.
kernel-4.0.6-200.fc21 has been pushed to the Fedora 21 stable repository. If problems still persist, please make note of it in this bug report.
Please update description, seems it was fixed in RHEL7.2