5 matches found
CVE-2024-8178
The ctlwritebuffer and ctlreadbuffer functions allocated memory to be returned to userspace, without initializing it. Malicious software running in a guest VM that exposes virtioscsi can exploit the vulnerabilities to achieve code execution on the host in the bhyve userspace process, which...
CVE-2024-43110
The ctlrequestsense function could expose up to three bytes of the kernel heap to userspace. Malicious software running in a guest VM that exposes virtioscsi can exploit the vulnerabilities to achieve code execution on the host in the bhyve userspace process, which typically runs as root. Note th...
CVE-2024-43110 Multiple issues in ctl(4) CAM Target Layer
The ctlrequestsense function could expose up to three bytes of the kernel heap to userspace. Malicious software running in a guest VM that exposes virtioscsi can exploit the vulnerabilities to achieve code execution on the host in the bhyve userspace process, which typically runs as root. Note th...
PT-2024-8608 · Bhyve +1 · Bhyve +1
Name of the Vulnerable Software and Affected Versions: FreeBSD affected versions not specified Description: The issue is related to the ctl request sense function in the ctl subsystem of FreeBSD operating systems, which can lead to a buffer overflow in memory. This can allow an attacker to execut...
PT-2022-4357 · Lib9P +1 · Lib9P +1
Name of the Vulnerable Software and Affected Versions: lib9p affected versions not specified Description: The issue is related to the handling of RWALK messages in lib9p, where a missing bounds check allows a specially crafted message to cause lib9p to overwrite unrelated memory. This could...