A KVM guest on AMD can launch an L2 guest without the Intercept
VMRUN control bit by exploiting a TOCTOU vulnerability in
nested_svm_vmrun. Executing vmrun from the L2 guest will then
trigger a second call to nested_svm_vmrun and corrupt
svm->nested.hsave with data copied out of the L2 vmcb. For
kernel versions that include the commit "2fcf4876: KVM: nSVM:
implement on demand allocation of the nested state" (>=5.10),
the guest can free the MSR permission bitmap in svm->nested.msrpm
while it is still in use and gain unrestricted access to host
MSRs.
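The nested_svm_vmrun path is only reachable by a guest when nested virtualization is enabled in kvm_amd, so the first thing a host operator wants to know is whether that is the case on each hypervisor. The script below is an added defender-side check, not part of the advisory above; it assumes the standard module parameter path /sys/module/kvm_amd/parameters/nested, and the sample values it is exercised with are constructed.

```shell
#!/bin/sh
# Added example (not from the advisory): report whether this host exposes
# nested SVM, i.e. whether guests can reach the nested_svm_vmrun code path.
# Assumption: kvm_amd exports its "nested" parameter at the path below.
NESTED_PARAM="${NESTED_PARAM:-/sys/module/kvm_amd/parameters/nested}"

# classify_nested VALUE
#   Prints "exposed" when nested virtualization is on, "mitigated" when off,
#   "unknown" for anything else. kvm_amd reports the int parameter as 0/1;
#   the Y/N forms are accepted as an assumed bool variant.
classify_nested() {
    case "$1" in
        1|Y|y) echo exposed ;;
        0|N|n) echo mitigated ;;
        *)     echo unknown ;;
    esac
}

# read_nested_param
#   Prints the current parameter value, or "absent" when kvm_amd is not
#   loaded (non-AMD host or module missing), in which case no guest can
#   reach nested_svm_vmrun at all.
read_nested_param() {
    if [ -r "$NESTED_PARAM" ]; then
        tr -d '[:space:]' < "$NESTED_PARAM"
    else
        echo absent
    fi
}

# check_host
#   Prints a one-line verdict. Returns 1 when nested SVM is exposed and 0
#   otherwise, so configuration management can gate on the result and, on
#   unpatched hosts, reload kvm_amd with nested=0 until the fix is applied.
check_host() {
    value=$(read_nested_param)
    if [ "$value" = absent ]; then
        echo "kvm_amd not loaded: nested_svm_vmrun path not reachable"
        return 0
    fi
    state=$(classify_nested "$value")
    echo "kvm_amd nested=$value ($state)"
    [ "$state" != exposed ]
}

check_host
```

Run it on each AMD hypervisor; a non-zero exit means guests can enter the nested VMRUN path and the host needs the kernel fix (or nested SVM switched off) before untrusted guests are scheduled on it.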