11 matches found
EUVD-2019-15179
Malware in sbrugna...
EUVD-2016-2983
Malware in sbrugna...
PT-2024-34706 · Bhyve +1 · Bhyve +1
Name of the Vulnerable Software and Affected Versions: bhyve hypervisor affected versions not specified Description: The NVMe driver function nvme opc get log page is vulnerable to a buffer over-read from a guest-controlled value. This issue is related to the bhyve hypervisor and affects the NVMe...
CVE-2020-24718
bhyve, as used in FreeBSD through 12.1 and illumos e.g., OmniOS CE through r151034 and OpenIndiana through Hipster 2020.04, does not properly restrict VMCS and VMCB read/write operations, as demonstrated by a root user in a container on an Intel system, who can gain privileges by modifying...
PT-2019-17778 · Freebsd · Freebsd
Name of the Vulnerable Software and Affected Versions: FreeBSD versions 11.2-RELEASE through 11.2-RELEASE-p12 FreeBSD versions 11.3-RELEASE through 11.3-RELEASE-p1 FreeBSD versions 12.0-RELEASE through 12.0-RELEASE-p8 Description: The issue arises from the bhyve e1000 device emulation, which uses...
CVE-2019-5604
In FreeBSD 12.0-STABLE before r350246, 12.0-RELEASE before 12.0-RELEASE-p8, 11.3-STABLE before r350247, 11.3-RELEASE before 11.3-RELEASE-p1, and 11.2-RELEASE before 11.2-RELEASE-p12, the emulated XHCI device included with the bhyve hypervisor did not properly validate data provided by the guest,...
CVE-2019-5604
In FreeBSD 12.0-STABLE before r350246, 12.0-RELEASE before 12.0-RELEASE-p8, 11.3-STABLE before r350247, 11.3-RELEASE before 11.3-RELEASE-p1, and 11.2-RELEASE before 11.2-RELEASE-p12, the emulated XHCI device included with the bhyve hypervisor did not properly validate data provided by the guest,...
FreeBSD bhyve buffer overflow vulnerability
FreeBSD is a Unix-like operating system from the FreeBSD Foundation. bhyve is a virtual machine hypervisor used in it. A security vulnerability exists in FreeBSD bhyve that stems from the 'pcixhcidevicedoorbell' function failing to validate the supplied 'epid' and 'streamid'. An attacker could...
CVE-2016-1889
Integer overflow in the bhyve hypervisor in FreeBSD 10.1, 10.2, 10.3, and 11.0 when configured with a large amount of guest memory, allows local users to gain privilege via a crafted device descriptor...
Integer overflow
Integer overflow in the bhyve hypervisor in FreeBSD 10.1, 10.2, 10.3, and 11.0 when configured with a large amount of guest memory, allows local users to gain privilege via a crafted device descriptor...
CVE-2016-1889
The CVE-2016-1889 entry describes an integer overflow in bhyve (FreeBSD hypervisor) when a guest is configured with more than about 3GB of memory. A crafted device descriptor could allow a local attacker to gain privileges by exploiting bounds-checking overflow in memory accesses by device emulat...