7.1 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:N/I:N/A:C
0.003 Low
EPSS
Percentile
69.9%
The handle_dr function in arch/x86/kvm/vmx.c in the KVM subsystem in the
Linux kernel before 2.6.31.1 does not properly verify the Current Privilege
Level (CPL) before accessing a debug register, which allows guest OS users
to cause a denial of service (trap) on the host OS via a crafted
application.