A vulnerability in the vcpu_scan_ioapic function of the Linux Kernel could allow a local attacker to cause a denial of service (DoS) condition on a targeted system. The vulnerability exists in the vcpu_scan_ioapic function, as defined in the arch/x86/kvm/x86.c source code file of the affected software, and is due to the failure of the I/O Advanced Programmable Interrupt Controller (I/O APIC) to initialize. An attacker could exploit the vulnerability by accessing the system and executing an application that submits malicious system calls to the affected software. A successful exploit could trigger a NULL pointer dereference, which could result in a DoS condition. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19407
