Malicious software running in a guest VM can exploit the buffer overflow to achieve code execution on the host in the bhyve userspace process, which typically runs as root. Note that bhyve runs in a Capsicum sandbox, so malicious code is constrained by the capabilities available to the bhyve process.
Metrics
Affected Vendors & Products
References
History
Fri, 22 Nov 2024 12:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
|
Fri, 06 Sep 2024 17:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Freebsd
Freebsd freebsd |
|
CPEs | cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:* | |
Vendors & Products |
Freebsd
Freebsd freebsd |
|
Metrics |
cvssV3_1
|
Thu, 05 Sep 2024 03:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | Malicious software running in a guest VM can exploit the buffer overflow to achieve code execution on the host in the bhyve userspace process, which typically runs as root. Note that bhyve runs in a Capsicum sandbox, so malicious code is constrained by the capabilities available to the bhyve process. | |
Title | bhyve(8) privileged guest escape via TPM device passthrough | |
Weaknesses | CWE-125 CWE-1285 CWE-787 |
|
References |
|
MITRE
Status: PUBLISHED
Assigner: freebsd
Published: 2024-09-05T03:32:56.561Z
Updated: 2024-09-20T16:03:10.182Z
Reserved: 2024-08-27T16:30:55.953Z
Link: CVE-2024-41928
Vulnrichment
Updated: 2024-09-20T16:03:10.182Z
NVD
Status : Awaiting Analysis
Published: 2024-09-05T04:15:06.947
Modified: 2024-11-21T09:33:17.773
Link: CVE-2024-41928
Redhat
No data.