Vulnerability in the VMM hypervisor developed by the OpenBSD project

A vulnerability has been identified in VMM, the hypervisor shipped with OpenBSD, that allows a guest to overwrite the contents of host kernel memory through manipulations performed from inside the guest system. The problem is that some guest physical addresses (GPA, Guest Physical Address) are mapped into the host kernel virtual address space (KVA), but write protection is not applied to GPAs that correspond to read-only KVA regions. Because of missing checks in the evmm_update_pvclock() function, a guest can pass host KVA addresses to the pmap call and rewrite the contents of host kernel memory.
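The bug class described above is a guest-supplied physical address being used for a host-side write without first checking that it actually lies inside the guest's own memory. The following is an added illustration written for this article; it is not OpenBSD's vmm(4) code and does not reproduce the real patch. It models host memory as a flat array, gives the guest two identity-mapped ranges inside it, and contrasts a pvclock update that only checks "does the write fit in the addressable window" with one that requires the whole structure to sit inside a single guest range. The names vmm_gpa_in_guest(), pvclock_update_unchecked(), pvclock_update_checked() and the memory layout are assumptions made for the example.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed model for illustration, not OpenBSD code. Host "physical"
 * memory is a flat array. The guest owns two identity-mapped ranges in it;
 * everything outside those ranges stands for host kernel memory that a
 * guest must never be able to write. */
#define HOST_MEM_SIZE 0x10000u   /* 64 KiB of simulated host memory */

struct pvclock_time_info {       /* 32 bytes, same shape as the real layout */
    uint32_t version;
    uint32_t pad0;
    uint64_t tsc_timestamp;
    uint64_t system_time;
    uint32_t tsc_to_system_mul;
    int8_t   tsc_shift;
    uint8_t  flags;
    uint8_t  pad[2];
};

struct vm_memrange {             /* one range of guest memory (hypothetical) */
    uint64_t gpa;                /* guest physical base, == host offset here */
    uint64_t size;
};

static uint8_t host_mem[HOST_MEM_SIZE];

/* Guest owns host offsets [0x2000,0x6000) and [0x8000,0xa000). */
static const struct vm_memrange guest_ranges[] = {
    { 0x2000, 0x4000 },
    { 0x8000, 0x2000 },
};
#define NRANGES (sizeof(guest_ranges) / sizeof(guest_ranges[0]))

/* Marker standing in for host kernel data, placed outside guest memory. */
#define HOST_KERNEL_DATA_OFF 0x1000u
static const char host_kernel_marker[] = "host kernel data";

static void host_init(void)
{
    memset(host_mem, 0, sizeof(host_mem));
    memcpy(host_mem + HOST_KERNEL_DATA_OFF, host_kernel_marker,
           sizeof(host_kernel_marker));
}

/* True if [gpa, gpa+len) lies entirely inside ONE guest range. The
 * comparisons are arranged so that a huge gpa or len cannot wrap around. */
static bool vmm_gpa_in_guest(uint64_t gpa, uint64_t len)
{
    for (size_t i = 0; i < NRANGES; i++) {
        const struct vm_memrange *r = &guest_ranges[i];
        if (gpa >= r->gpa && len <= r->size && gpa - r->gpa <= r->size - len)
            return true;
    }
    return false;
}

/* Vulnerable pattern: the only check is that the write fits in the window
 * the hypervisor can address, which also covers host kernel memory. */
static int pvclock_update_unchecked(uint64_t gpa,
                                    const struct pvclock_time_info *ti)
{
    if (gpa > HOST_MEM_SIZE || HOST_MEM_SIZE - gpa < sizeof(*ti))
        return -1;
    memcpy(host_mem + gpa, ti, sizeof(*ti));
    return 0;
}

/* Hardened form: refuse any GPA that is not guest-owned memory. */
static int pvclock_update_checked(uint64_t gpa,
                                  const struct pvclock_time_info *ti)
{
    if (!vmm_gpa_in_guest(gpa, sizeof(*ti)))
        return -1;
    memcpy(host_mem + gpa, ti, sizeof(*ti));
    return 0;
}

static bool host_kernel_intact(void)
{
    return memcmp(host_mem + HOST_KERNEL_DATA_OFF, host_kernel_marker,
                  sizeof(host_kernel_marker)) == 0;
}

/* A malicious guest points its pvclock page at host kernel data.
 * Returns 1 if the host marker was overwritten, 0 if it survived. */
static int demo(bool use_checked)
{
    struct pvclock_time_info ti;
    memset(&ti, 0x41, sizeof(ti));          /* attacker-controlled contents */
    host_init();
    if (use_checked)
        pvclock_update_checked(HOST_KERNEL_DATA_OFF, &ti);
    else
        pvclock_update_unchecked(HOST_KERNEL_DATA_OFF, &ti);
    return host_kernel_intact() ? 0 : 1;
}

int main(void)
{
    printf("unchecked update: host kernel corrupted = %d\n", demo(false));
    printf("checked update:   host kernel corrupted = %d\n", demo(true));
    return 0;
}
```

The validation deliberately rejects a structure that straddles the end of a range or wraps past the top of the address space; those are the cases a naive `gpa + len <= end` comparison gets wrong.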

Update: The OpenBSD developers have released a patch that fixes the vulnerability.

Source: opennet.ru
