The host is installed with kernel through 3.18 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to properly handle a crafted application that reads a 16-bit value. Successful exploitation makes it easier for guest OS users to bypass the ASLR protection mechanism.