An out-of-bounds access issue was found in the way Linux kernels KVM hypervisor implements the Coalesced MMIO write operation. It operates on an MMIO ring buffer struct kvm_coalesced_mmio object, wherein write indices ring-gt;first and ring-gt;last value could be supplied by a host user-space process. An unprivileged host user or process with access to /dev/kvm device could use this flaw to crash the host kernel, resulting in a denial of service or potentially escalating privileges on the system.