This issue does not affect the version of the kernel package as shipped with Kylin Enterprise Linux 5, 6, and Kylin Enterprise MRG 2.
This issue affects the versions of Linux kernel as shipped with Kylin Enterprise Linux 7. Future kernel updates for Kylin Enterprise Linux 7 may address this issue.
Note:- Impact on Kylin Enterprise Linux 7 kernel is limited, as it requires that nested virtualization feature is enabled on a system. Nested Virtualization feature is available only as - Technology Preview.
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
An information leakage issue was found in the way Linux kernel's KVM hypervisor handled page fault exceptions while emulating instructions like VMXON, VMCLEAR, VMPTRLD, and VMWRITE with memory address as an operand. It occurs if the operand is a mmio address, as the returned exception object holds uninitialized stack memory contents. A guest user/process could use this flaw to leak host's stack memory contents to a guest.