An out-of-bounds access issue was found in the way Linux kernel#039;s KVM hypervisor implements the Coalesced MMIO write operation. It operates on an MMIO ring buffer #039;struct kvm_coalesced_mmio#039; object, wherein write indices #039;ring-gt;first#039; and #039;ring-gt;last#039; value could be supplied by a host user-space process. An unprivileged host user or process with access to #039;/dev/kvm#039; device could use this flaw to crash the host kernel, resulting in a denial of service or potentially escalating privileges on the system