Linux · Linux Kernel · CVE-2016-3713
**Name of the Vulnerable Software and Affected Versions**
Linux kernel versions prior to 4.6.1
**Description**
The issue allows guest OS users to read or write to the kvm arch vcpu data structure, potentially obtaining sensitive information or causing a denial of service (system crash). This can be achieved via a crafted ioctl call.
**Recommendations**
For versions prior to 4.6.1, update to version 4.6.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the msr mtrr valid function in arch/x86/kvm/mtrr.c to minimize the risk of exploitation.