A security vulnerability in the virtualization software built into Intel’s hardware allows an attacker to execute code in Ring 0 of the CPU.
The problem affects 64-bit versions of Windows, Linux, FreeBSD and the Xen hypervisor.
By manipulating the stack, an attacker from Ring 3 can get code executed in Ring 0 of the CPU to elevate their local privileges or escape the virtual machine jail.
The flaw seems to only affect Intel hardware – AMD and ARM CPUs do not suffer from the issue.
To close the security hole, users should apply updates from their operating system supplier. To this end, Xen, FreeBSD and Microsoft published operating system specific details on the vulnerability. Linux vendor Red Hat also published two updates on the problem.