3 matches found
CVE-2020-24718
bhyve, as used in FreeBSD through 12.1 and illumos e.g., OmniOS CE through r151034 and OpenIndiana through Hipster 2020.04, does not properly restrict VMCS and VMCB read/write operations, as demonstrated by a root user in a container on an Intel system, who can gain privileges by modifying...
CVE-2020-24718
CVE-2020-24718 affects bhyve in FreeBSD (through 12.x) and related illumos variants (e.g., OmniOS CE, OpenIndiana). The issue is insufficient access controls on Intel VMCS/VMCB structures, allowing a root user in a container (host or jailed bhyve instance) to modify VMCS_HOST_RIP and escalate to ...
FreeBSD-SA-20:28.bhyve_vmcs
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-20:28.bhyvevmcs Security Advisory The FreeBSD Project Topic: bhyve privilege escalation via VMCS access Category: core Module: bhyve Announced: 2020-09-15...