EUVD-2019-15179

🗓️ 07 Oct 2025 00:30:54Reported by EUVDType

FreeBSD hypervisor flaw allows guest to crash system or access memory via XHCI device data validation issue

Reporter	Title	Published	Views	Family All 11
CNVD	FreeBSD bhyve buffer overflow vulnerability	25 Jul 201900:00	–	cnvd
CVE	CVE-2019-5604	26 Jul 201900:24	–	cve
Cvelist	CVE-2019-5604	26 Jul 201900:24	–	cvelist
FreeBSD	FreeBSD -- Bhyve out-of-bounds read in XHCI device	24 Jul 201900:00	–	freebsd
FreeBSD Advisory	FreeBSD-SA-19:16.bhyve	24 Jul 201900:00	–	freebsd_advisory
Tenable Nessus	FreeBSD : FreeBSD -- Bhyve out-of-bounds read in XHCI device (edf064fb-b30b-11e9-a87f-a4badb2f4699)	12 Aug 201900:00	–	nessus
NVD	CVE-2019-5604	26 Jul 201901:15	–	nvd
OSV	CVE-2019-5604	26 Jul 201901:15	–	osv
Prion	Design/Logic Flaw	26 Jul 201901:15	–	prion
Positive Technologies	PT-2019-17773 · Freebsd · Bhyve +1	24 Jul 201900:00	–	ptsecurity

[
  {
    "enisaIdVendor": [
      {
        "id": "5c55cf21-79ba-38e8-abe4-4aeecdda7206",
        "vendor": {
          "name": "FreeBSD"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "16e2bb29-2c10-3955-9b9d-e4c9b00b87d2",
        "product": {
          "name": "FreeBSD"
        },
        "product_version": "and before 11.2-RELEASE-p12"
      },
      {
        "id": "599251d8-7226-34c2-a4f9-e3c699c1d823",
        "product": {
          "name": "FreeBSD"
        },
        "product_version": "FreeBSD before 12.0-RELEASE-p8"
      },
      {
        "id": "fcd25610-645d-385b-856b-35851c3acabd",
        "product": {
          "name": "FreeBSD"
        },
        "product_version": "before 11.3-RELEASE-p1"
      }
    ]
  }
]

Source	Link
security	www.security.freebsd.org/advisories/FreeBSD-SA-19:16.bhyve.asc
packetstormsecurity	www.packetstormsecurity.com/files/153753/FreeBSD-Security-Advisory-FreeBSD-SA-19-16.bhyve.html
security	www.security.netapp.com/advisory/ntap-20190814-0003/
github	www.github.com/advisories/GHSA-293c-r3p4-g63r

07 Oct 2025 00:30Current

9High risk

Vulners AI Score9

CVSS 3.19.6

CVSS 28.5

EPSS0.01778