Lucene search
K

5 matches found

OSV
OSV
added 2024/09/05 5:15 a.m.7 views

CVE-2024-8178

The ctlwritebuffer and ctlreadbuffer functions allocated memory to be returned to userspace, without initializing it. Malicious software running in a guest VM that exposes virtioscsi can exploit the vulnerabilities to achieve code execution on the host in the bhyve userspace process, which...

8.8CVSS6.3AI score0.00601EPSS
Exploits0References2
OSV
OSV
added 2024/09/05 5:15 a.m.6 views

CVE-2024-43110

The ctlrequestsense function could expose up to three bytes of the kernel heap to userspace. Malicious software running in a guest VM that exposes virtioscsi can exploit the vulnerabilities to achieve code execution on the host in the bhyve userspace process, which typically runs as root. Note th...

8.8CVSS6.3AI score0.00395EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/09/05 4:31 a.m.24 views

CVE-2024-43110 Multiple issues in ctl(4) CAM Target Layer

The ctlrequestsense function could expose up to three bytes of the kernel heap to userspace. Malicious software running in a guest VM that exposes virtioscsi can exploit the vulnerabilities to achieve code execution on the host in the bhyve userspace process, which typically runs as root. Note th...

0.00395EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/09/04 12:0 a.m.7 views

PT-2024-8608 · Bhyve +1 · Bhyve +1

Name of the Vulnerable Software and Affected Versions: FreeBSD affected versions not specified Description: The issue is related to the ctl request sense function in the ctl subsystem of FreeBSD operating systems, which can lead to a buffer overflow in memory. This can allow an attacker to execut...

8.8CVSS8.7AI score0.00395EPSS
Exploits0References12
Positive Technologies
Positive Technologies
added 2022/08/09 12:0 a.m.4 views

PT-2022-4357 · Lib9P +1 · Lib9P +1

Name of the Vulnerable Software and Affected Versions: lib9p affected versions not specified Description: The issue is related to the handling of RWALK messages in lib9p, where a missing bounds check allows a specially crafted message to cause lib9p to overwrite unrelated memory. This could...

10CVSS7.3AI score0.00654EPSS
Exploits0References8
Rows per page
Query Builder