A flaw was found in Linux kernel's KVM virtualization subsystem. The VMX code does not restore the GDT.LIMIT to the previous host value, but instead sets it to 64KB. With a corrupted GDT limit a host's userspace code has an ability to place malicious entries in the GDT, particularly to the per-cpu variables. An attacker can use this to escalate their privileges.
https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
https://www.oracle.com/security-alerts/cpujul2020.html
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10901
https://access.redhat.com/errata/RHSA-2018:2394
https://access.redhat.com/errata/RHSA-2018:2393
https://access.redhat.com/errata/RHSA-2018:2392
https://access.redhat.com/errata/RHSA-2018:2391