FreeBSD : FreeBSD -- sigqueue(2) missing capability mode restriction (94f20492-6473-11f1-958d-bc241121aa0a)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 94f20492-6473-11f1-958d-bc241121aa0a advisory. sigqueue2 was marked as permitted in capability mode with the introduction of Capsicum in 2011, but the...

PT-2024-29640 · Bhyve +1 · Bhyve +1

Name of the Vulnerable Software and Affected Versions: bhyve affected versions not specified Description: Malicious software running in a guest VM can exploit a buffer overflow to achieve code execution on the host in the bhyve userspace process, which typically runs as root. The bhyve process ru...

CVE-2022-23092

The implementation of lib9p's handling of RWALK messages was missing a bounds check needed when unpacking the message contents. The missing check means that the receipt of a specially crafted message will cause lib9p to overwrite unrelated memory. The bug can be triggered by a malicious bhyve gue...

CVE-2023-3494

The fwctl driver implements a state machine which is executed when a bhyve guest accesses certain x86 I/O ports. The interface lets the guest copy a string into a buffer resident in the bhyve process' memory. A bug in the state machine implementation can result in a buffer overflowing when copyin...