CVE-2016-4440

Name of the Vulnerable Software and Affected Versions Linux kernel versions through 4.6.3

Description The issue concerns the mishandling of the APICv on/off state in the Linux kernel, allowing guest OS users to obtain direct APIC MSR access on the host OS. This can lead to a denial of service (host OS crash) or possibly execute arbitrary code on the host OS via x2APIC mode.

Recommendations For Linux kernel versions through 4.6.3, update to a version later than 4.6.3 to resolve the issue. As a temporary workaround, consider disabling x2APIC mode until a patch is available. Restrict access to the APIC MSR to minimize the risk of exploitation.