Willy Tarreau

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 4.9.5 **Description** The issue is related to the load segment descriptor implementation in the Linux kernel, which improperly emulates a "MOV SS, NULL selector" instruction. This can allow guest OS users to cause a denial of service (guest OS crash) or gain guest OS privileges via a crafted application. The vulnerability is also associated with insufficient access control, which can be exploited by a local attacker to cause a denial of service using a specially crafted application. **Recommendations** For Linux kernel versions prior to 4.9.5, update to version 4.9.5 or later to resolve the issue.