Description
A divide-by-zero flaw was found in the apic_get_tmcct() function in KVM's
Local Advanced Programmable Interrupt Controller (LAPIC) implementation.
A privileged guest user could use this flaw to crash the host.
(CVE-2013-6367)
A memory corruption flaw was discovered in the way KVM handled virtual APIC
accesses that crossed a page boundary. A local, unprivileged user could use
this flaw to crash the system or, potentially, escalate their privileges on
the system. (CVE-2013-6368)