Fedora Account System
Red Hat Associate
Red Hat Customer
A use-after-free vulnerability was found in KVM's shadow EPT code. The bug requires the ability for the guest to initiate a host or device write to guest memory, to bypass KVM's write-tracking. In practice, this vulnerability is exploitable from almost any VMX x86 guest with nested virtualization enabled or using shadow paging (ept=0). The flaw can lead to a denial-of-service (DoS) condition and host kernel memory corruption.
*** This bug has been marked as a duplicate of bug 2453803 ***