CVE-2023-3494 bhyve privileged guest escape via fwctl

🗓️ 01 Aug 2023 22:13:21Reported by freebsdType

CVE-2023-3494 bhyve escape via fwctl buffer overflow

Reporter	Title	Published	Views	Family All 10
FreeBSD	FreeBSD -- bhyve privileged guest escape via fwctl	1 Aug 202300:00	–	freebsd
CNNVD	FreeBSD Security Vulnerabilities	1 Aug 202300:00	–	cnnvd
CVE	CVE-2023-3494	1 Aug 202322:13	–	cve
EUVD	EUVD-2023-44153	3 Oct 202520:07	–	euvd
FreeBSD Advisory	FreeBSD-SA-23:07.bhyve	1 Aug 202300:00	–	freebsd_advisory
Tenable Nessus	FreeBSD : FreeBSD -- bhyve privileged guest escape via fwctl (ab437561-47c0-11ee-8e38-002590c1f29c)	31 Aug 202300:00	–	nessus
NVD	CVE-2023-3494	1 Aug 202323:15	–	nvd
Prion	Buffer overflow	1 Aug 202323:15	–	prion
RedhatCVE	CVE-2023-3494	14 Feb 202512:44	–	redhatcve
Vulnrichment	CVE-2023-3494 bhyve privileged guest escape via fwctl	1 Aug 202322:13	–	vulnrichment

[
  {
    "defaultStatus": "unaffected",
    "modules": [
      "bhyve"
    ],
    "product": "FreeBSD",
    "vendor": "FreeBSD",
    "versions": [
      {
        "lessThan": "13.2-RELEASE-p2",
        "status": "affected",
        "version": "13.2-RELEASE",
        "versionType": "release"
      },
      {
        "lessThan": "13.1-RELEASE-p9",
        "status": "affected",
        "version": "13.1-RELEASE",
        "versionType": "release"
      }
    ]
  }
]

Source	Link
security	www.security.freebsd.org/advisories/FreeBSD-SA-23:07.bhyve.asc
security	www.security.netapp.com/advisory/ntap-20230831-0006/

31 Aug 2023 18:06Current

9.3High risk

Vulners AI Score9.3

EPSS0.00218

CWE-120