Zdenek Kaspar

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 5.18.0-rc5 **Description** A vulnerability in the Linux kernel has been resolved. The issue is related to the x86/fpu component of the KVM (Kernel-based Virtual Machine) and affects the handling of FPU state for userspace. When saving FPU state, KVM sets the FP+SSE bits in the XSAVE header even if the host does not support XSAVE. This can lead to out-of-bounds writes and data corruption when running on hosts without XSAVE support. The vulnerability is caught by KASAN (Kernel Address Sanitizer) and results in a slab-out-of-bounds error. **Recommendations** For Linux kernel versions prior to 5.18.0-rc5, update to a newer version to resolve the issue. As a temporary workaround, consider disabling the FPU component of KVM to minimize the risk of exploitation. Restrict access to the vulnerable `fpu copy uabi to guest fpstate` function until a patch is available. Avoid using the `kvm arch vcpu ioctl` function with the `fpu copy uabi to guest fpstate` function until the issue is resolved.