Ubuntu Security Notice 3293-1 - Dmitry Vyukov discovered that KVM implementation in the Linux kernel improperly emulated the VMXON instruction. A local attacker in a guest OS could use this to cause a denial of service in the host OS. Dmitry Vyukov discovered that the generic SCSI subsystem in the Linux kernel contained a stack-based buffer overflow. A local attacker with access to an sg device could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.
28157ece7b6c36fc871846f3ef26802654c9896b6d03a1845e875c1ba8ff42c5