4 matches found
CVE-2024-32668
An insufficient boundary validation in the USB code could lead to an out-of-bounds write on the heap, with data controlled by the caller. A malicious, privileged software running in a guest VM can exploit the vulnerability to achieve code execution on the host in the bhyve userspace process, whic...
CVE-2024-32668 bhyve(8) privileged guest escape via USB controller
An insufficient boundary validation in the USB code could lead to an out-of-bounds write on the heap, with data controlled by the caller. A malicious, privileged software running in a guest VM can exploit the vulnerability to achieve code execution on the host in the bhyve userspace process, whic...
CVE-2024-32668 bhyve(8) privileged guest escape via USB controller
An insufficient boundary validation in the USB code could lead to an out-of-bounds write on the heap, with data controlled by the caller. A malicious, privileged software running in a guest VM can exploit the vulnerability to achieve code execution on the host in the bhyve userspace process, whic...
FreeBSD-SA-24:12.bhyve
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-24:12.bhyve Security Advisory The FreeBSD Project Topic: bhyve8 privileged guest escape via USB controller Category: core Module: bhyve Announced: 2024-09-04...