15 matches found
FreeBSD : FreeBSD -- Unbounded allocation in ctl(4) CAM Target Layer (8caa5d60-a174-11ef-9a62-002590c1f29c)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 8caa5d60-a174-11ef-9a62-002590c1f29c advisory. The command ctlpersistentreserveout allows the caller to specify an arbitrary size which will be passed...
CVE-2024-45289 Unbounded allocation in ctl(4) CAM Target Layer
The fetch3 library uses environment variables for passing certain information, including the revocation file pathname. The environment variable name used by fetch1 to pass the filename to the library was incorrect, in effect ignoring the option. Fetch would still connect to a host presenting a...
CVE-2024-39281
The CVE-2024-39281 issue affects FreeBSD where the command ctl_persistent_reserve_out lets a caller specify an arbitrary size passed to the kernel memory allocator, enabling unbounded allocation in the ctl(4) CAM Target Layer and potentially causing a host DoS. The FreeBSD security advisory SA-24...
CVE-2024-39281 Unbounded allocation in ctl(4) CAM Target Layer
The command ctlpersistentreserveout allows the caller to specify an arbitrary size which will be passed to the kernel's memory allocator...
CVE-2024-39281 Unbounded allocation in ctl(4) CAM Target Layer
The command ctlpersistentreserveout allows the caller to specify an arbitrary size which will be passed to the kernel's memory allocator...
PT-2024-28419 · Freebsd · Freebsd
Name of the Vulnerable Software and Affected Versions: FreeBSD affected versions not specified Description: The issue allows the caller to specify an arbitrary size using the ctl persistent reserve out command, which will be passed to the kernel's memory allocator. This could potentially lead to...
FreeBSD -- Unbounded allocation in ctl(4) CAM Target Layer
Problem Description: The command ctlpersistentreserveout allows the caller to specify an arbitrary size which will be passed to the kernel's memory allocator. Impact: A malicious guest could cause a Denial of Service DoS on the host...
FreeBSD : FreeBSD -- Multiple issues in ctl(4) CAM Target Layer (9bd5e47b-6b50-11ef-9a62-002590c1f29c)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 9bd5e47b-6b50-11ef-9a62-002590c1f29c advisory. Several vulnerabilities were found in the ctl subsystem. The function ctlwritebuffer incorrect...
CVE-2024-45063 Multiple issues in ctl(4) CAM Target Layer
The function ctlwritebuffer incorrectly set a flag which resulted in a kernel Use-After-Free when a command finished processing. Malicious software running in a guest VM that exposes virtioscsi can exploit the vulnerabilities to achieve code execution on the host in the bhyve userspace process,...
CVE-2024-45063 Multiple issues in ctl(4) CAM Target Layer
The function ctlwritebuffer incorrectly set a flag which resulted in a kernel Use-After-Free when a command finished processing. Malicious software running in a guest VM that exposes virtioscsi can exploit the vulnerabilities to achieve code execution on the host in the bhyve userspace process,...
CVE-2024-43110 Multiple issues in ctl(4) CAM Target Layer
The ctlrequestsense function could expose up to three bytes of the kernel heap to userspace. Malicious software running in a guest VM that exposes virtioscsi can exploit the vulnerabilities to achieve code execution on the host in the bhyve userspace process, which typically runs as root. Note th...
CVE-2024-42416 Multiple issues in ctl(4) CAM Target Layer
The ctlreportsupportedopcodes function did not sufficiently validate a field provided by userspace, allowing an arbitrary write to a limited amount of kernel help memory. Malicious software running in a guest VM that exposes virtioscsi can exploit the vulnerabilities to achieve code execution on...
CVE-2024-42416 Multiple issues in ctl(4) CAM Target Layer
The ctlreportsupportedopcodes function did not sufficiently validate a field provided by userspace, allowing an arbitrary write to a limited amount of kernel help memory. Malicious software running in a guest VM that exposes virtioscsi can exploit the vulnerabilities to achieve code execution on...
CVE-2024-8178 Multiple issues in ctl(4) CAM Target Layer
The ctlwritebuffer and ctlreadbuffer functions allocated memory to be returned to userspace, without initializing it. Malicious software running in a guest VM that exposes virtioscsi can exploit the vulnerabilities to achieve code execution on the host in the bhyve userspace process, which...
FreeBSD-SA-24:11.ctl
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-24:11.ctl Security Advisory The FreeBSD Project Topic: Multiple issues in ctl4 CAM Target Layer Category: core Module: ctl Announced: 2024-09-04 Credits:...