FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-25 11:22:49 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
a479a725-9adb-11e6-a298-14dae9d210b8	FreeBSD -- bhyve - privilege escalation vulnerability Problem Description: An unchecked array reference in the VGA device emulation code could potentially allow guests access to the heap of the bhyve process. Since the bhyve process is running as root, this may allow guests to obtain full control of the hosts they are running on. Impact: For bhyve virtual machines with the "fbuf" framebuffer device configured, if exploited, a malicious guest could obtain full access to not just the host system, but to other virtual machines running on the system. Discovery 2016-10-25 Entry 2016-10-25 Modified 2016-10-25 FreeBSD-kernel ge 11.0 lt 11.0_2 SA-16:32.bhyve

VuXML ID

Description

a479a725-9adb-11e6-a298-14dae9d210b8

FreeBSD -- bhyve - privilege escalation vulnerability

Problem Description:

An unchecked array reference in the VGA device emulation code could potentially allow guests access to the heap of the bhyve process. Since the bhyve process is running as root, this may allow guests to obtain full control of the hosts they are running on.

Impact:

For bhyve virtual machines with the "fbuf" framebuffer device configured, if exploited, a malicious guest could obtain full access to not just the host system, but to other virtual machines running on the system.

Discovery 2016-10-25
Entry 2016-10-25
Modified 2016-10-25
FreeBSD-kernel

ge 11.0 lt 11.0_2

SA-16:32.bhyve