Linux kernel built with the Kernel-based virtual machine(CONFIG_KVM) along
with Hyper-v Synthetic Interrupt Controller(SynIC) support is vulnerable to
an undue APIC register access issue. In that a guest with SynIC enabled, could
gain access to host's Machine Specific Registers(MSR).
A privileged user inside guest could use this flaw to crash the host kernel
resulting in DoS OR potentially leverage it to escalate privileges on the host.
Note: It requires fairly latest features to be available and enabled on the
host(APICv) as well as in the guest(-hv-synic).
Created kernel tracking bugs for this issue:
Affects: fedora-all [bug 1337807]
This issue does not affect the versions of the kernel package as shipped with
Red Hat Enterprise Linux 5, 6, 7 and Red Hat Enterprise MRG 2.
kernel-4.5.5-201.fc23 has been pushed to the Fedora 23 stable repository. If problems still persist, please make note of it in this bug report.
kernel-4.5.6-300.fc24 has been pushed to the Fedora 24 stable repository. If problems still persist, please make note of it in this bug report.