This page displays vulnerability information about FreeBSD Ports.
The VUXML data was last processed by FreshPorts on 2025-01-14 21:31:10 UTC
These are the vulnerabilities relating to the commit you have selected:
VuXML ID | Description |
---|---|
4edaa9f4-6b51-11ef-9a62-002590c1f29c | FreeBSD -- bhyve(8) privileged guest escape via USB controller. Problem Description: bhyve can be configured to emulate devices on a virtual USB controller (XHCI), such as USB tablet devices. An insufficient boundary validation in the USB code could lead to an out-of-bounds write on the heap, with data controlled by the caller. Impact: A malicious, privileged software running in a guest VM can exploit the vulnerability to achieve code execution on the host in the bhyve userspace process, which typically runs as root. Note that bhyve runs in a Capsicum sandbox, so malicious code is constrained by the capabilities available to the bhyve process. Discovery: 2024-09-04. Entry: 2024-09-05. Affected: FreeBSD >= 14.1 < 14.1_4; >= 14.0 < 14.0_10; >= 13.3 < 13.3_6. References: CVE-2024-32668, SA-24:12.bhyve |