This issue is caused by missing validation of the the `virt_ext` VMCB field and allows a malicious L1 guest to disable both VMLOAD/VMSAVE intercepts and VLS (Virtual VMLOAD/VMSAVE) for the L2 guest. Under these circumstances, the L2 guest is able to run VMLOAD/VMSAVE unintercepted, and thus read/write portions of the host physical memory. https://git.kernel.org/pub/scm/virt/kvm/kvm.git/commit/?id=c7dfa4009965a9b2d7b329ee970eb8da0d32f0bc CREATE(Triage):(User=admin) CVE-2021-3656 (https://nvd.nist.gov/vuln/detail/CVE-2021-3656)