NULL pointer dereference vulnerability in kvm_apic_has_events function in Linux kernel through 4.1.3

NULL pointer dereference vulnerability in kvm_apic_has_events function in Linux kernel through 4.1.3

CVE-2015-4692 · MEDIUM Severity

AV:L/AC:L/AU:N/C:N/I:N/A:C

The kvm_apic_has_events function in arch/x86/kvm/lapic.h in the Linux kernel through 4.1.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by leveraging /dev/kvm access for an ioctl call.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.