VYPR
High severity7.8NVD Advisory· Published Jul 26, 2018· Updated Jun 17, 2026

CVE-2018-10901

CVE-2018-10901

Description

A flaw was found in Linux kernel's KVM virtualization subsystem. The VMX code does not restore the GDT.LIMIT to the previous host value, but instead sets it to 64KB. With a corrupted GDT limit a host's userspace code has an ability to place malicious entries in the GDT, particularly to the per-cpu variables. An attacker can use this to escalate their privileges.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2

Patches

Vulnerability mechanics

References

11

News mentions

0

No linked articles in our index yet.