11 matches found
EUVD-2019-15179
Malware in sbrugna...
EUVD-2016-2983
Malware in sbrugna...
PT-2024-34706 · Bhyve +1 · Bhyve +1
Name of the Vulnerable Software and Affected Versions: bhyve hypervisor affected versions not specified Description: The NVMe driver function nvme opc get log page is vulnerable to a buffer over-read from a guest-controlled value. This issue is related to the bhyve hypervisor and affects the NVMe...
CVE-2020-24718
bhyve, as used in FreeBSD through 12.1 and illumos e.g., OmniOS CE through r151034 and OpenIndiana through Hipster 2020.04, does not properly restrict VMCS and VMCB read/write operations, as demonstrated by a root user in a container on an Intel system, who can gain privileges by modifying...
PT-2019-17778 · Freebsd · Freebsd
Name of the Vulnerable Software and Affected Versions: FreeBSD versions 11.2-RELEASE through 11.2-RELEASE-p12 FreeBSD versions 11.3-RELEASE through 11.3-RELEASE-p1 FreeBSD versions 12.0-RELEASE through 12.0-RELEASE-p8 Description: The issue arises from the bhyve e1000 device emulation, which uses...
CVE-2019-5604
In FreeBSD 12.0-STABLE before r350246, 12.0-RELEASE before 12.0-RELEASE-p8, 11.3-STABLE before r350247, 11.3-RELEASE before 11.3-RELEASE-p1, and 11.2-RELEASE before 11.2-RELEASE-p12, the emulated XHCI device included with the bhyve hypervisor did not properly validate data provided by the guest,...
CVE-2019-5604
In FreeBSD 12.0-STABLE before r350246, 12.0-RELEASE before 12.0-RELEASE-p8, 11.3-STABLE before r350247, 11.3-RELEASE before 11.3-RELEASE-p1, and 11.2-RELEASE before 11.2-RELEASE-p12, the emulated XHCI device included with the bhyve hypervisor did not properly validate data provided by the guest,...
FreeBSD bhyve buffer overflow vulnerability
FreeBSD is a Unix-like operating system from the FreeBSD Foundation. bhyve is a virtual machine hypervisor used in it. A security vulnerability exists in FreeBSD bhyve that stems from the 'pcixhcidevicedoorbell' function failing to validate the supplied 'epid' and 'streamid'. An attacker could...
Integer overflow
Integer overflow in the bhyve hypervisor in FreeBSD 10.1, 10.2, 10.3, and 11.0 when configured with a large amount of guest memory, allows local users to gain privilege via a crafted device descriptor...
CVE-2016-1889
Integer overflow in the bhyve hypervisor in FreeBSD 10.1, 10.2, 10.3, and 11.0 when configured with a large amount of guest memory, allows local users to gain privilege via a crafted device descriptor...
CVE-2016-1889
The CVE-2016-1889 entry describes an integer overflow in bhyve (FreeBSD hypervisor) when a guest is configured with more than about 3GB of memory. A crafted device descriptor could allow a local attacker to gain privileges by exploiting bounds-checking overflow in memory accesses by device emulat...