The pit_ioport_read function in the Programmable Interval Timer (PIT)
emulation in i8254.c in KVM 83 does not properly use the pit_state data
structure, which allows guest OS users to cause a denial of service (host
OS crash or hang) by attempting to read the /dev/port file.
Marcelo Tosatti discovered that the Linux kernel's hardware virtualization
did not correctly handle reading the /dev/port special device. A local
attacker in a guest operating system could issue a specific read that would
cause the host system to crash, leading to a denial of service.
Updated: 2015-07-29 20:37:49 UTC (commit 9756)