The vulnerability of the ctl_write_buffer() function in the ctl subsystem of the FreeBSD operating system allows a hacker to execute arbitrary code.

The vulnerability of the ctlwritebuffer function in the ctl subsystem of the FreeBSD operating system is related to the use of memory after it is freed due to incorrect flag setting. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

CVE-2024-45063

The function ctlwritebuffer incorrectly set a flag which resulted in a kernel Use-After-Free when a command finished processing. Malicious software running in a guest VM that exposes virtioscsi can exploit the vulnerabilities to achieve code execution on the host in the bhyve userspace process,...

CVE-2024-8178

The ctlwritebuffer and ctlreadbuffer functions allocated memory to be returned to userspace, without initializing it. Malicious software running in a guest VM that exposes virtioscsi can exploit the vulnerabilities to achieve code execution on the host in the bhyve userspace process, which...

FreeBSD 资源管理错误漏洞

FreeBSD is a set of Unix-like operating systems from the FreeBSD Foundation. A resource management error vulnerability exists in FreeBSD that stems from the ctlwritebuffer function incorrectly setting a flag that results in kernel-release-after-reuse when the command completes processing...