Maxim Levitsky discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel did not properly prevent a guest VM from enabling AVIC in nested guest VMs. An attacker in a guest VM could use this to write to portions of the host's physical memory.
{ "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro", "binaries": [ { "linux-aws-tools-4.4.0-1096": "4.4.0-1096.101", "linux-cloud-tools-4.4.0-1096-aws": "4.4.0-1096.101", "linux-image-4.4.0-1096-aws": "4.4.0-1096.101", "linux-tools-4.4.0-1096-aws": "4.4.0-1096.101", "linux-buildinfo-4.4.0-1096-aws": "4.4.0-1096.101", "linux-image-4.4.0-1096-aws-dbgsym": "4.4.0-1096.101", "linux-aws-cloud-tools-4.4.0-1096": "4.4.0-1096.101", "linux-aws-headers-4.4.0-1096": "4.4.0-1096.101", "linux-headers-4.4.0-1096-aws": "4.4.0-1096.101", "linux-modules-4.4.0-1096-aws": "4.4.0-1096.101" } ] }
{ "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro", "binaries": [ { "irda-modules-4.4.0-214-generic-di": "4.4.0-214.246~14.04.1", "pata-modules-4.4.0-214-generic-di": "4.4.0-214.246~14.04.1", "fat-modules-4.4.0-214-generic-di": "4.4.0-214.246~14.04.1", "message-modules-4.4.0-214-generic-di": "4.4.0-214.246~14.04.1", "linux-headers-4.4.0-214-generic": "4.4.0-214.246~14.04.1", "virtio-modules-4.4.0-214-generic-di": "4.4.0-214.246~14.04.1", "floppy-modules-4.4.0-214-generic-di": "4.4.0-214.246~14.04.1", "linux-buildinfo-4.4.0-214-lowlatency": "4.4.0-214.246~14.04.1", "linux-modules-4.4.0-214-generic": "4.4.0-214.246~14.04.1", "block-modules-4.4.0-214-generic-di": "4.4.0-214.246~14.04.1", "pcmcia-storage-modules-4.4.0-214-generic-di": "4.4.0-214.246~14.04.1", "nic-modules-4.4.0-214-generic-di": "4.4.0-214.246~14.04.1", "scsi-modules-4.4.0-214-generic-di": "4.4.0-214.246~14.04.1", "fs-secondary-modules-4.4.0-214-generic-di": "4.4.0-214.246~14.04.1", "ipmi-modules-4.4.0-214-generic-di": "4.4.0-214.246~14.04.1", "linux-lts-xenial-cloud-tools-4.4.0-214": "4.4.0-214.246~14.04.1", "linux-image-unsigned-4.4.0-214-generic-dbgsym": "4.4.0-214.246~14.04.1", "linux-image-4.4.0-214-generic-dbgsym": "4.4.0-214.246~14.04.1", "pcmcia-modules-4.4.0-214-generic-di": "4.4.0-214.246~14.04.1", "linux-tools-4.4.0-214-generic": "4.4.0-214.246~14.04.1", "linux-headers-4.4.0-214": "4.4.0-214.246~14.04.1", "nic-pcmcia-modules-4.4.0-214-generic-di": "4.4.0-214.246~14.04.1", "linux-headers-4.4.0-214-lowlatency": "4.4.0-214.246~14.04.1", "serial-modules-4.4.0-214-generic-di": "4.4.0-214.246~14.04.1", "linux-lts-xenial-tools-4.4.0-214": "4.4.0-214.246~14.04.1", "fs-core-modules-4.4.0-214-generic-di": "4.4.0-214.246~14.04.1", "md-modules-4.4.0-214-generic-di": "4.4.0-214.246~14.04.1", "linux-cloud-tools-4.4.0-214-lowlatency": "4.4.0-214.246~14.04.1", "linux-image-unsigned-4.4.0-214-lowlatency-dbgsym": "4.4.0-214.246~14.04.1", "nic-shared-modules-4.4.0-214-generic-di": "4.4.0-214.246~14.04.1", "storage-core-modules-4.4.0-214-generic-di": "4.4.0-214.246~14.04.1", "parport-modules-4.4.0-214-generic-di": "4.4.0-214.246~14.04.1", "plip-modules-4.4.0-214-generic-di": "4.4.0-214.246~14.04.1", "linux-image-unsigned-4.4.0-214-generic": "4.4.0-214.246~14.04.1", "nic-usb-modules-4.4.0-214-generic-di": "4.4.0-214.246~14.04.1", "usb-modules-4.4.0-214-generic-di": "4.4.0-214.246~14.04.1", "ppp-modules-4.4.0-214-generic-di": "4.4.0-214.246~14.04.1", "speakup-modules-4.4.0-214-generic-di": "4.4.0-214.246~14.04.1", "input-modules-4.4.0-214-generic-di": "4.4.0-214.246~14.04.1", "linux-modules-extra-4.4.0-214-generic": "4.4.0-214.246~14.04.1", "crypto-modules-4.4.0-214-generic-di": "4.4.0-214.246~14.04.1", "linux-cloud-tools-4.4.0-214-generic": "4.4.0-214.246~14.04.1", "multipath-modules-4.4.0-214-generic-di": "4.4.0-214.246~14.04.1", "sata-modules-4.4.0-214-generic-di": "4.4.0-214.246~14.04.1", "kernel-image-4.4.0-214-generic-di": "4.4.0-214.246~14.04.1", "mouse-modules-4.4.0-214-generic-di": "4.4.0-214.246~14.04.1", "linux-tools-4.4.0-214-lowlatency": "4.4.0-214.246~14.04.1", "linux-image-unsigned-4.4.0-214-lowlatency": "4.4.0-214.246~14.04.1", "linux-modules-4.4.0-214-lowlatency": "4.4.0-214.246~14.04.1", "linux-lts-xenial-udebs-generic": "4.4.0-214.246~14.04.1", "firewire-core-modules-4.4.0-214-generic-di": "4.4.0-214.246~14.04.1", "linux-image-4.4.0-214-generic": "4.4.0-214.246~14.04.1", "vlan-modules-4.4.0-214-generic-di": "4.4.0-214.246~14.04.1", "linux-buildinfo-4.4.0-214-generic": "4.4.0-214.246~14.04.1", "fb-modules-4.4.0-214-generic-di": "4.4.0-214.246~14.04.1", "nfs-modules-4.4.0-214-generic-di": "4.4.0-214.246~14.04.1" } ] }
{ "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro", "binaries": [ { "irda-modules-4.4.0-214-generic-di": "4.4.0-214.246", "pata-modules-4.4.0-214-generic-di": "4.4.0-214.246", "fat-modules-4.4.0-214-generic-di": "4.4.0-214.246", "dasd-modules-4.4.0-214-generic-di": "4.4.0-214.246", "linux-source-4.4.0": "4.4.0-214.246", "message-modules-4.4.0-214-generic-di": "4.4.0-214.246", "linux-udebs-generic": "4.4.0-214.246", "linux-headers-4.4.0-214-generic": "4.4.0-214.246", "virtio-modules-4.4.0-214-generic-di": "4.4.0-214.246", "floppy-modules-4.4.0-214-generic-di": "4.4.0-214.246", "linux-tools-4.4.0-214": "4.4.0-214.246", "linux-buildinfo-4.4.0-214-lowlatency": "4.4.0-214.246", "linux-modules-4.4.0-214-generic": "4.4.0-214.246", "block-modules-4.4.0-214-generic-di": "4.4.0-214.246", "pcmcia-storage-modules-4.4.0-214-generic-di": "4.4.0-214.246", "nic-modules-4.4.0-214-generic-di": "4.4.0-214.246", "scsi-modules-4.4.0-214-generic-di": "4.4.0-214.246", "fs-secondary-modules-4.4.0-214-generic-di": "4.4.0-214.246", "ipmi-modules-4.4.0-214-generic-di": "4.4.0-214.246", "linux-image-unsigned-4.4.0-214-generic-dbgsym": "4.4.0-214.246", "linux-image-4.4.0-214-generic-dbgsym": "4.4.0-214.246", "pcmcia-modules-4.4.0-214-generic-di": "4.4.0-214.246", "linux-tools-4.4.0-214-generic": "4.4.0-214.246", "linux-headers-4.4.0-214": "4.4.0-214.246", "nic-pcmcia-modules-4.4.0-214-generic-di": "4.4.0-214.246", "linux-headers-4.4.0-214-lowlatency": "4.4.0-214.246", "serial-modules-4.4.0-214-generic-di": "4.4.0-214.246", "fs-core-modules-4.4.0-214-generic-di": "4.4.0-214.246", "md-modules-4.4.0-214-generic-di": "4.4.0-214.246", "linux-cloud-tools-4.4.0-214-lowlatency": "4.4.0-214.246", "linux-image-unsigned-4.4.0-214-lowlatency-dbgsym": "4.4.0-214.246", "linux-cloud-tools-common": "4.4.0-214.246", "linux-libc-dev": "4.4.0-214.246", "nic-shared-modules-4.4.0-214-generic-di": "4.4.0-214.246", "storage-core-modules-4.4.0-214-generic-di": "4.4.0-214.246", "linux-doc": "4.4.0-214.246", "dasd-extra-modules-4.4.0-214-generic-di": "4.4.0-214.246", "parport-modules-4.4.0-214-generic-di": "4.4.0-214.246", "linux-image-unsigned-4.4.0-214-generic": "4.4.0-214.246", "nic-usb-modules-4.4.0-214-generic-di": "4.4.0-214.246", "plip-modules-4.4.0-214-generic-di": "4.4.0-214.246", "usb-modules-4.4.0-214-generic-di": "4.4.0-214.246", "ppp-modules-4.4.0-214-generic-di": "4.4.0-214.246", "speakup-modules-4.4.0-214-generic-di": "4.4.0-214.246", "input-modules-4.4.0-214-generic-di": "4.4.0-214.246", "linux-modules-extra-4.4.0-214-generic": "4.4.0-214.246", "crypto-modules-4.4.0-214-generic-di": "4.4.0-214.246", "linux-cloud-tools-4.4.0-214-generic": "4.4.0-214.246", "linux-tools-host": "4.4.0-214.246", "multipath-modules-4.4.0-214-generic-di": "4.4.0-214.246", "sata-modules-4.4.0-214-generic-di": "4.4.0-214.246", "linux-cloud-tools-4.4.0-214": "4.4.0-214.246", "kernel-image-4.4.0-214-generic-di": "4.4.0-214.246", "linux-image-unsigned-4.4.0-214-lowlatency": "4.4.0-214.246", "linux-modules-4.4.0-214-lowlatency": "4.4.0-214.246", "mouse-modules-4.4.0-214-generic-di": "4.4.0-214.246", "linux-tools-4.4.0-214-lowlatency": "4.4.0-214.246", "linux-buildinfo-4.4.0-214-generic": "4.4.0-214.246", "firewire-core-modules-4.4.0-214-generic-di": "4.4.0-214.246", "linux-image-4.4.0-214-generic": "4.4.0-214.246", "vlan-modules-4.4.0-214-generic-di": "4.4.0-214.246", "linux-tools-common": "4.4.0-214.246", "fb-modules-4.4.0-214-generic-di": "4.4.0-214.246", "nfs-modules-4.4.0-214-generic-di": "4.4.0-214.246" } ] }
{ "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro", "binaries": [ { "linux-buildinfo-4.4.0-1132-aws": "4.4.0-1132.146", "linux-cloud-tools-4.4.0-1132-aws": "4.4.0-1132.146", "linux-aws-headers-4.4.0-1132": "4.4.0-1132.146", "linux-modules-4.4.0-1132-aws": "4.4.0-1132.146", "linux-tools-4.4.0-1132-aws": "4.4.0-1132.146", "linux-headers-4.4.0-1132-aws": "4.4.0-1132.146", "linux-aws-tools-4.4.0-1132": "4.4.0-1132.146", "linux-image-4.4.0-1132-aws-dbgsym": "4.4.0-1132.146", "linux-aws-cloud-tools-4.4.0-1132": "4.4.0-1132.146", "linux-image-4.4.0-1132-aws": "4.4.0-1132.146", "linux-modules-extra-4.4.0-1132-aws": "4.4.0-1132.146" } ] }
{ "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro", "binaries": [ { "linux-buildinfo-4.4.0-1097-kvm": "4.4.0-1097.106", "linux-image-4.4.0-1097-kvm": "4.4.0-1097.106", "linux-modules-4.4.0-1097-kvm": "4.4.0-1097.106", "linux-cloud-tools-4.4.0-1097-kvm": "4.4.0-1097.106", "linux-headers-4.4.0-1097-kvm": "4.4.0-1097.106", "linux-kvm-cloud-tools-4.4.0-1097": "4.4.0-1097.106", "linux-kvm-headers-4.4.0-1097": "4.4.0-1097.106", "linux-kvm-tools-4.4.0-1097": "4.4.0-1097.106", "linux-image-4.4.0-1097-kvm-dbgsym": "4.4.0-1097.106", "linux-tools-4.4.0-1097-kvm": "4.4.0-1097.106" } ] }