Linux · Linux Kernel · CVE-2016-10150
**Name of the Vulnerable Software and Affected Versions**
Linux kernel versions prior to 4.8.13
**Description**
The issue is related to a use-after-free vulnerability in the `kvm ioctl create device` function. This vulnerability can be exploited by host OS users to cause a denial of service, resulting in a host OS crash, or possibly gain privileges via crafted ioctl calls on the `/dev/kvm` device.
**Recommendations**
For Linux kernel versions prior to 4.8.13, update to version 4.8.13 or later to resolve the issue. As a temporary workaround, consider restricting access to the `/dev/kvm` device to minimize the risk of exploitation.