This page displays vulnerability information about FreeBSD Ports.
The VUXML data was last processed by FreshPorts on 2024-03-29 07:54:42 UTC
List all Vulnerabilities, by package
List all Vulnerabilities, by date
k68These are the vulnerabilities relating to the commit you have selected:
VuXML ID | Description |
---|---|
a6d5d4c1-0564-11ec-b69d-4062311215d5 | FreeBSD -- Missing error handling in bhyve(8) device modelsProblem Description:Certain VirtIO-based device models failed to handle errors when fetching I/O descriptors. Such errors could be triggered by a malicious guest. As a result, the device model code could be tricked into operating on uninitialized I/O vectors, leading to memory corruption. Impact:A malicious guest may be able to crash the bhyve process. It may be possible to exploit the memory corruption bugs to achieve arbitrary code execution in the bhyve process. Discovery 2021-08-24 Entry 2021-08-25 FreeBSD ge 13.0 lt 13.0_4 ge 12.2 lt 12.2_10 ge 11.4 lt 11.4_13 CVE-2021-29631 SA-21:13.bhyve |