CVE-2016-10150

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 4.8.13

Description The issue is related to a use-after-free vulnerability in the kvm ioctl create device function. This vulnerability can be exploited by host OS users to cause a denial of service, resulting in a host OS crash, or possibly gain privileges via crafted ioctl calls on the /dev/kvm device.

Recommendations For Linux kernel versions prior to 4.8.13, update to version 4.8.13 or later to resolve the issue. As a temporary workaround, consider restricting access to the /dev/kvm device to minimize the risk of exploitation.