CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS
Percentile
12.9%
A flaw was found in the Linux kernel in the KVM. A race condition in direct_page_fault allows guest OS users to cause a denial of service (host OS crash or host OS memory corruption) when nested virtualization and the TDP MMU are enabled.
This vulnerability can be mitigated by disabling the nested virtualization feature.
For Intel:
# modprobe -r kvm_intel
# modprobe kvm_intel nested=0
For AMD:
# modprobe -r kvm_amd
# modprobe kvm_amd nested=0